Security in the mining sector: a unique challenge

By Jordan Cullis.

Providing security in a mining environment is tough.   Remote sites, a reliance on hazardous materials, limited local infrastructure and geopolitical instability are common risk factors that can make installations susceptible to malicious attack.  Any security breach has the potential to endanger staff, damage the local environment and disrupt production.

Mines employ hundreds and sometimes thousands of staff. They are typically found in remote locations and may cover many kilometres of remote, harsh terrain. The companies that operate mines have a duty-of-care to ensure the well-being of their communities which include not only staff but contractors, partners and other visitors, and the general public.

This requires always knowing who’s onsite and where they are at any given time.   It requires restricting access to high-risk areas and ensuring that the general public can’t accidentally access hazardous areas such as underground sites, explosives storerooms or operating machinery rooms.

It’s not just a duty-of-care either.  There are occupational health and safety implications involving security.  In certain circumstances, only staff with a proper level of training and expertise should be allowed to access given areas and they must be properly equipped.

For many mines, perimeter security is perhaps the most difficult concern. Keeping unauthorised people out is vitally important to the mining organisation in terms of protecting and securing staff, resources and equipment. And given the specialised, expensive equipment onsite, theft is always a potential issue.

While some general security principles are common across the industry, the primary security needs of one mine will always differ from those of the next, depending on the nature of the operation.  A high value mine, for instance, will require extremely high levels of security to protect its products, whereas a coal mine is more likely to focus on operational and management efficiency to ensure that productivity remains on track and staff behaviour remains within acceptable parameters.

The challenge is to put in place a suitable infrastructure to quickly and positively identify all individuals onsite, to issue each individual with the required credentials, and to restrict movements onsite according to the access rights demanded by the individual’s role and corresponding credentials.

This has to be achieved despite the admittedly difficult physical characteristics of mining operations.  Access card readers, for example, may need to be installed underneath a roofline in a workshop.  It’s not likely that the location will be completely enclosed, so there’s the risk of all-enveloping dust.  Therefore, readers must be able to withstand harsh operating environments.

Communications and power are additional yet common problems.  Excessive cabling is not feasible over vast mining sites.  Instead, mining security managers tend to prefer devices that can port into pits or nodes wherever infrastructure exists.

Changing Technologies Bring Changing Strategies

In the past, mining organisations relied on multiple credentials and access control systems to fulfil different tasks, resulting in the proliferation of single-purpose systems running in parallel. In addition to being resource-intensive, disparate access control and security systems do not scale and can be costly to integrate.  A consolidated strategy is, therefore ,crucial.

Consolidated strategies entail more than simply the credential and the reader. To ensure a balance between convenience and security, access rights should be centrally managed, with a holistic approach that integrates operational support systems, network infrastructure and facility management solutions.

Today, the focus has moved to converged systems capable of securing a wide range of sensitive sites and assets, including heavy equipment and transportation. Three main categories of solutions have emerged:

1. IP-based access control solutions

By connecting an IP-based controller with a host PC via a TCP/IP network, the administrator can perform all execution commands including tracking, changing access card data, managing access authority, tracking staff and visitor flow and controlling access to remote areas (including remotely opening and closing doors and activating or deactivating alarm signals to prevent potential security risks).

The beauty of IP-based solutions is that they seamlessly integrate with other sub-systems for monitoring and response.  For example, security managers can configure alarm messages for safety management.  In the event of an emergency, the system can determine the incident type and location and unlock emergency doors for evacuation.

IP-based solutions are also convenient.  They require less wiring: Today, 16 wires are required per door and with IP, only a single CAT 5/6 is needed and that is often already in place.  They use off-the-shelf equipment including standardised power supplies and enclosures.

When combining IP-based access control with other IP solutions such as video surveillance, hardware can be shared for multiple applications, including storage, networking, wiring and battery backup.  Users can even integrate their current access control solution and migrate to IP as doors are added.

IP is easily scalable from one access point to thousands.  And some IP access controllers can utilise Power over Ethernet (PoE)-enabled technology, which means that only one cable is required for both network and power.

2. Contactless smart card technology

Solutions using contactless smart cards offer single, dual or three-factor authentication, enabling companies to match the level of security to the sensitivity of a given area.  With single-factor authentication, using the card on its own will give a user access to a system or open a door.   Dual-factor authentication provides an extra level of security in the form of a PIN [personal identification number].  Three-factor authentication goes one step further, requiring a PIN and an extra security measure such as a biometric scan.

Although contactless smart cards have traditionally been used for physical access control, their ease of use and adaptability for different security levels is fuelling their adoption for logical access control as well.

Flexibility is another big benefit of contactless cards.  They make it possible to restrict access to specific areas at specific times; for example, excluding personnel from blast zones during times of danger or, conversely, authorising personnel to enter critical zones.  Temporary visitor badges can be set to allow entry to specific areas while staff access levels can be set according to job title.

Because the cards record data, they lend themselves to other uses.  Training records can be kept on the worker’s access card, making it easier to ensure that training remains in sync with physical access rights in different areas and when accessing specialised equipment.

Similarly, the cards can be used for equipment vending. By tapping the card at the equipment vending machines, the company can keep track of who has taken what
safety equipment and from where it has been taken. With the help of a back-end software system, this information can then be used to generate reports and facilitate equipment usage analysis.

3. Wireless access control readers

Wireless technologies use readers with WiFi connectivity to create a wireless access control system between readers and control panels. Although not likely to be effective across a large operation, they are a highly suitable alternative for difficult or niche areas in mine sites and may be best used as a complement to other solutions.

A Pipeline Of Practical Solutions

There is no ’one size fits all’ approach to  mine site security.  There will always be a host of factors such as specific vulnerabilities, the level and type of threats faced, and the physical environment that will determine which technology is most appropriate for a given site.

What is clear, is that security technology is becoming more sophisticated by the day.  The current generation of IP-based access control solutions represent less downtime, less maintenance and no catastrophic failures.  Unlike traditional systems, IP solutions conduct constant health checks, immediately notifying the user whenever a problem is identified.

And as a software-based solution, upgrade costs are effectively minimised.  End users can maximise their investment by using the latest hardware technologies and leveraging their existing IP infrastructure.

Over the past decade, organisations have become savvier when evaluating security solutions.  They are looking beyond the initial product cost to make total cost-of-ownership decisions that include operational expenses.

When doing this, there are several life cycle, management issues to consider, including the equipment’s expected useful life; its scalability for additional applications and the technology’s migration path.

For example, contactless smart cards can be used to support multiple identity-driven applications including logical access, time and attendance, cashless payment, local public transportation and others, providing an opportunity to realise significant cost savings by maximising the uses of a single card.

Large mining companies should consider requirements based on the national and or worldwide footprint of their facilities.  For these organisations, an identification and access management system must be capable of being deployed across multiple continents; integrated with a wide variety of host systems and so adaptable as to include additional country or site-specific security measures.

The importance of securing mining assets will not diminish in the years ahead.  Indeed, as some resources grow scarce, the need to secure information and limit physical access
to assets will become greater.  The challenge is to achieve the required level of security without forgoing convenience and efficiency and this is where the value of today’s converging security technologies will become increasingly apparent.

Jordan Cullis is the Director of Sales for Australia and New Zealand at HID Global. Jordan has extensive security industry experience across various markets including commercial, education, healthcare, financial and government sectors. He is responsible for driving the company’s business objectives and sales performance as well as the successful promotion of the HID Global brand in the region. Jordan holds a Bachelor Degree in Electronic Engineering at Royal Melbourne
Institute of Technology.