In part one of our CRE cybersecurity series we discussed the perceived risks associated with IoT and how it’s often thought to lead to compromised cybersecurity. The unfortunate reality is that disconnected buildings are often just as vulnerable to cyberattacks as their connected counterparts, as older buildings can contain units that are internet-active and unencrypted, all without the facilities management (FM) team’s knowledge. In addition, an older BMS can expose your portfolio to information leaks and cyberattacks if not updated to protect against the latest malware.
If you’re not sure how vulnerable your organization is to cyberattacks, the first step should be to execute a comprehensive site audit, including the building network, BMS, all sub-systems, and any IoT devices. Log all previous contractors that have had maintenance contracts and ensure you consistently capture the software they use and how they gain external access to your buildings. Unfortunately, it’s not uncommon for critical systems to be commissioned and deployed from contractor laptops with no handover or internal back up of those files. The audit should therefore include the manufacturer, model, firmware versions, points of external access, usernames, passwords and the locations of all system configuration files.
A comprehensive audit should conclude with a Data Commissioning Report, evaluating the performance of each connected device and sensor. A Data Commissioning Report provides a list of issues that need to be resolved by a controls or network vendor, as well as a summary of the building systems capable of being integrated into a smart building platform. Some common issues highlighted by a Data Commissioning Report include:
While cybersecurity risks are typically hidden in the underlying IT and OT systems, this report should complement your cybersecurity audit, providing a comprehensive list of your sensors, highlighting which are disconnected, miscalibrated or broken.
Completing a site audit will create a foundation for your cybersecurity strategy and further investment into a scalable smart building program. Contrary to what the headlines lead us to believe, embracing IoT technology is key to improving cybersecurity, when implemented correctly. Having discovered your portfolio’s cybersecurity weaknesses, you’ll then need to address them - find out how in part 3 of our CRE cybersecurity series.
Talk to a smart building expert to learn more about how Switch helps portfolio managers reach their sustainability goals.
5 articles found
Get to know our Platform Architect, Daryl Oliveros! We discuss everything from working with Radio Frequency Identification to AI.
Switch presents our PropTech megatrends for 2022, and how these will impact our experience of the built environment for the year to come.
Smart Building Certification is pleased to welcome Switch Automation and their vast experience to the SBC ecosystem to work together on improving the world through discovery, education, and collaboration.
A virtual roundtable discussion at CRETech 2020 about how data-driven sustainability increases resilience and profitability.
Get to know our Switchers as we share our journeys in the smart building industry and what it’s like working at Switch!
As climate change intensifies, the urgency to act on one of our biggest levers—energy use in commercial and retail buildings—has never been clearer. Every kilowatt saved is a step closer to sustainability, slashing greenhouse gas emissions while moving us toward essential climate goals. Whether you’re overseeing a retail portfolio or managing a single commercial space, boosting energy efficiency doesn’t just cut costs—it creates healthier, more comfortable spaces for everyone. Now is the time to act.
Smart building technology is constantly evolving and improving, and there are several trends that are expected to take center stage in 2023.
When it comes to being a building owner or operator, you have a lot to balance.
