Glossary
TSA Security Directive SD02E compliance refers to adherence with the cybersecurity mandates outlined in the U.S. Transportation Security Administration’s (TSA) Security Directive Pipeline-2021-02E, which applies to pipeline and liquefied natural gas (LNG) facility owners and operators. Issued under TSA’s regulatory authority over pipeline security, SD02E mandates specific cybersecurity performance goals and access control measures to protect critical transportation infrastructure from cyber threats.
SD02E was developed in response to the growing threat of cyberattacks targeting critical energy infrastructure, including the Colonial Pipeline ransomware attack in 2021. The directive replaces earlier TSA guidance with enforceable requirements focused on risk-based cybersecurity, access control, incident response, and resilience.
For covered entities, SD02E requires:
Operators must not only implement these controls but also submit cybersecurity implementation plans to the TSA and be prepared for audits or inspections. Failure to comply may result in regulatory enforcement actions.
Xona supports TSA SD02E compliance by delivering secure, auditable, and policy-driven remote access to critical systems, without the use of VPNs or exposed credentials. Its hardened access gateway enforces:
Xona also supports real-time supervision, session approval workflows, and seamless integration with SIEM and compliance systems enabling pipeline and transportation operators to meet SD02E technical requirements while maintaining operational continuity and safety.
TSA SD02E was issued to establish mandatory cybersecurity requirements for critical pipeline, LNG facility, and other transportation operators in the United States. It aims to reduce the risk of cyberattacks by requiring operators to implement technical safeguards such as multi-factor authentication, audit logging, access segmentation, and incident response capabilities. The directive replaces earlier voluntary guidance and introduces enforceable mandates with compliance oversight from the TSA.
Pipeline and liquefied natural gas (LNG) facility owners and operators that fall under the Transportation Security Administration’s oversight for critical infrastructure are required to comply. These organizations must submit detailed cybersecurity implementation plans, meet prescribed performance-based objectives, and be prepared for TSA inspections or audits.
TSA SD02E mandates a range of technical and procedural controls, including: multi-factor authentication (MFA) for all remote access; the elimination of shared or default credentials; network segmentation; least privilege access enforcement; session logging and monitoring; and the ability to detect and respond to incidents in near real time. These controls must be both documented and technically enforced.
Xona directly addresses TSA SD02E requirements by providing secure, browser-based remote access with protocol isolation, eliminating the need for VPNs and jump servers. The platform enforces MFA, time- and role-based access controls, and credential injection to remove the use of shared credentials. Every session is fully logged and recorded, ensuring complete visibility and traceability for compliance reporting.
Yes. Xona stores session logs and full video recordings in an immutable format, tied to individual user identities and actions. These records can be exported to SIEM, GRC, or TSA auditors as evidence of compliance with access control, logging, and monitoring requirements outlined in SD02E.
Xona enables real-time supervision of active sessions, including live viewing, session control override, and immediate termination capabilities. This allows operators to maintain continuous oversight of vendor and internal user activity, fulfilling the directive’s expectation for proactive monitoring and rapid response to anomalous access behavior.
Originally published December 04, 2025
