With the new MEEP Security Model, permissions can be configured not only at application level but also at data level.

Date published

juni 18, 2026

Categories

Industry Solutions Trends & Insights

Author

Share story

During an audit, a regulator asks a seemingly simple question: “Can you show who modified this process and when?”It should be an easy answer. Yet for many utility organizations, providing a clear and immediate response is more challenging than expected.

Not because the information doesn’t exist. But because permissions have evolved over time, access rights are scattered across systems, and traceability was never designed for today’s regulatory landscape.

As utilities continue to digitize critical operations, security is no longer just about keeping bad actors out. It is about governance, accountability, compliance, and trust.

And that raises a new question: Do you really know who has access to your critical utility processes?

Security expectations have changed

The utility industry is operating in a completely different environment than it was only a few years ago. Regulations such as GDPR and NIS2 are raising expectations around how organizations control access, ensure traceability, and demonstrate accountability across their systems.

While these frameworks cover a broad range of requirements, a critical foundation is the ability to clearly define who has access to which data and to prove it at any moment in time. At the same time, utility organizations are managing increasingly complex processes across multiple teams, systems, and business domains.

As a result, leaders are asking questions that go far beyond IT:

  • Can we demonstrate who performed a specific action?
  • Can we restrict access to sensitive operational or financial data?
  • Can we prove compliance during an audit?
  • Can we maintain security without slowing down business operations?
  • Can our platform scale while remaining compliant?

These are no longer technical questions. They are business-critical questions.

Why Ferranti evolved MEEP Security

MEEP, the MECOMS Enterprise Extensibility Platform, has become a central orchestration platform for an increasing number of critical utility processes.

As the platform’s role continues to grow, so do the expectations around governance, transparency, and security. That is why Ferranti redesigned the MEEP Security Model: to align with modern enterprise security standards while providing utility organizations with greater control, stronger traceability, and enhanced operational governance.

The result is a security framework built around three key pillars.

PILLAR 1: The right people. The right access.

In many systems, security often comes down to two basic options:

  • User
  • Administrator

But real-world utility organizations are far more complex than that. Operations teams, customer service representatives, finance departments, integration specialists, and platform administrators all require different levels of access and responsibility.

A one-size-fits-all approach no longer works.

The new MEEP Security Model introduces a flexible role and permission structure that allows organizations to define access with much greater precision. Roles, permissions, applications, and profiles can be configured according to business needs and governance requirements.

This gives organizations the ability to ensure users receive exactly the access they need and nothing more.

The result?

  • Greater control
  • Reduced operational risk
  • Improved governance
  • Better alignment with compliance requirements

Because effective security starts with granting the right access to the right people.

From basic user management to enterprise-grade role configuration tailored to your organization.

PILLAR 2: Every action leaves a trace


Imagine a critical customer or financial record is modified. The first question is rarely what changed. The real question is: Who changed it?

Without proper traceability, organizations face increased compliance risks and reduced accountability. The new MEEP Security Model introduces comprehensive audit trail capabilities, enabling organizations to transparently track data creation, modifications, and user activity.

This creates:

  • Stronger fraud prevention
  • Simplified audits
  • Better operational transparency
  • Increased confidence in critical business processes

In short: No more guessing. No more blind spots.

Why This Matters in a NIS2 World

NIS2 is not simply about cybersecurity. It is about demonstrating control over critical systems and processes. Organizations must be able to show:

  • Who has access to critical systems
  • What actions users can perform
  • How activities are monitored
  • How accountability is enforced

The ability to demonstrate governance is becoming just as important as security itself. For utility organizations preparing for current and future regulatory requirements, traceability is no longer optional. It is becoming a business necessity.

PILLAR 3: Not everyone needs access to everything

One of the biggest challenges in modern organizations is balancing accessibility with security. A finance employee should not necessarily have access to operational workflows. A customer service agent does not need visibility into every dataset.

With the new MEEP Security Model, permissions can be configured not only at application level but also at data level. Organizations can define exactly which users or teams may access specific flow categories, business domains, or datasets. This creates an additional layer of protection while supporting modern compliance requirements.

Granular data permissions ensure users only access the information they are authorized to see.

A practical example


Imagine a utility organization processing both operational and finance-related workflows within the same platform. With traditional security models, users may have broad visibility across all process types.

With the new MEEP Security Model, organizations can restrict finance-related flows exclusively to authorized finance teams while maintaining visibility for other users where appropriate. The result is stronger governance, reduced risk, and better protection of sensitive information. Because not everyone needs access to everything.

More than security. Peace of mind.

The biggest advantage of the new MEEP Security Model is not a feature. It is confidence. Confidence that:

  • ✔ Critical processes are protected.
  • ✔ Compliance requirements are easier to meet.
  • ✔ Security can evolve alongside business growth.
  • ✔ Audit preparation becomes significantly simpler.
  • ✔ Users only access what they genuinely need.

For utility organizations navigating increasing regulatory pressure and operational complexity, that confidence is becoming invaluable.

Building the foundation for the utility of tomorrow

The question is no longer whether security matters. The question is whether your current security model is ready for what comes next.

Utilities are operating in an environment where regulatory expectations continue to increase, operational ecosystems become more interconnected, and governance requirements grow more demanding every year.

Organizations need more than secure software:

  • They need transparency.
  • They need accountability.
  • They need trust.

With the new MEEP Security Model, Ferranti helps utility organizations strengthen governance, improve transparency, and gain greater control over their most critical processes. Because when utilities can trust the systems behind their operations, they can focus on what matters most: Delivering reliable energy and services to millions of customers.

Is your utility ready for NIS2?

Discover how MEEP Security helps utilities strengthen governance, improve traceability, and implement enterprise-grade access control for critical business processes.

Mar Jorba

Talk to our experts and see MEEP Security in action.

Talk the talk

More relevant stories

Stay informed about current events and stay on top of the latest trends for energy suppliers, grid operators, heat-and-water providers.