In part one of our CRE cybersecurity series we discussed the perceived risks associated with IoT and how it’s often thought to lead to compromised cybersecurity. The unfortunate reality is that disconnected buildings are often just as vulnerable to cyberattacks as their connected counterparts, as older buildings can contain units that are internet-active and unencrypted, all without the facilities management (FM) team’s knowledge. In addition, an older BMS can expose your portfolio to information leaks and cyberattacks if not updated to protect against the latest malware.
If you’re not sure how vulnerable your organization is to cyberattacks, the first step should be to execute a comprehensive site audit, including the building network, BMS, all sub-systems, and any IoT devices. Log all previous contractors that have had maintenance contracts and ensure you consistently capture the software they use and how they gain external access to your buildings. Unfortunately, it’s not uncommon for critical systems to be commissioned and deployed from contractor laptops with no handover or internal back up of those files. The audit should therefore include the manufacturer, model, firmware versions, points of external access, usernames, passwords and the locations of all system configuration files.
A comprehensive audit should conclude with a Data Commissioning Report, evaluating the performance of each connected device and sensor. A Data Commissioning Report provides a list of issues that need to be resolved by a controls or network vendor, as well as a summary of the building systems capable of being integrated into a smart building platform. Some common issues highlighted by a Data Commissioning Report include:
While cybersecurity risks are typically hidden in the underlying IT and OT systems, this report should complement your cybersecurity audit, providing a comprehensive list of your sensors, highlighting which are disconnected, miscalibrated or broken.
Completing a site audit will create a foundation for your cybersecurity strategy and further investment into a scalable smart building program. Contrary to what the headlines lead us to believe, embracing IoT technology is key to improving cybersecurity, when implemented correctly. Having discovered your portfolio’s cybersecurity weaknesses, you’ll then need to address them - find out how in part 3 of our CRE cybersecurity series.
Talk to a smart building expert to learn more about how Switch helps portfolio managers reach their sustainability goals.
5 articles found
Harnessing remote analysis, reporting and control, here are the top 3 reasons that smart building technology is crucial when disaster strikes.
The Switch Platform integrates with commercial building portfolios via the Switch IoT appliance, data mapping and APIs.
Switch's latest video details three tips for real estate leaders to successfully guide their enterprises into the digital future.
This final part of our series investigates the financial, organizational and occupant-related benefits of green building certification.
The right smart building platform supports green building certification, whether you’re embarking on retro or continuous commissioning.
Completing a site audit will create a foundation for your cybersecurity strategy and further investment into a scalable smart building program.
As climate change intensifies, the urgency to act on one of our biggest levers—energy use in commercial and retail buildings—has never been clearer. Every kilowatt saved is a step closer to sustainability, slashing greenhouse gas emissions while moving us toward essential climate goals. Whether you’re overseeing a retail portfolio or managing a single commercial space, boosting energy efficiency doesn’t just cut costs—it creates healthier, more comfortable spaces for everyone. Now is the time to act.
Smart building technology is constantly evolving and improving, and there are several trends that are expected to take center stage in 2023.
When it comes to being a building owner or operator, you have a lot to balance.