Iron-clad BMS Cybersecurity in the IoT World
As the built environment becomes ever more connected through Internet of Things (IoT) technology,...
Richard Miller
In 2019, the U.S. Cybersecurity & Infrastructure Security Agency, a division of the Department of Homeland Security, issued a clear advisory about Optergy’s Proton/Enterprise Building Management System after finding that “successful exploitation of [specific] vulnerabilities could allow an attacker to achieve remote code execution and gain full system access.”
While this case was unusually high-profile, even the smallest hack can have a significant impact on your commercial building portfolio. A carefully architected and well-integrated system is a critical part of alleviating security risks, cybercrime, downtime, and other concerns in a viable and cost-effective way. As network-connected BMSs grow in popularity and complexity, partnering with a systems integrator who has building domain expertise and can provide advanced solutions for addressing building management system vulnerabilities is quickly becoming essential to maintaining security. And, their role isn’t limited to improving security; they can also play a central role in identifying and resolving your building’s comfort and efficiency problems.
Common Building Management System Vulnerabilities and Solutions
To address vulnerabilities, facilities managers and building owners must begin with a comprehensive system overview in mind and consider various aspects of building management using a big-picture approach to identify a modern solution that can lead to improvements in a number of key areas. These include mitigating vulnerabilities related to physical and infrastructure security, reducing attack vectors for hacking, and general cybersecurity best practices, as well as non-security-related challenges.
VULNERABILITY |
SOLUTION |
|
Smart Building Security Smart building technology can introduce points of weakness that leave your systems open to attack. With the increasing convergence between IT and OT networks, teams should pay increased attention to both physical and digital security requirements. A secure smart building is one that with a well architected network and a dedicated team capable of evaluating and protecting multiple aspects of many systems. |
Master Systems Integration Work closely with experienced master systems, IT, security, and controls professionals. A professional team of certified designers and engineers can carefully evaluate, troubleshoot, and develop a system design with a focus on security at the core of the process, customize your entire commercial building’s physical and digital security, and protect your vital equipment and assets. Most importantly, an MSI with an internal IT team can speak the same language as your IT department, ensuring that all avenues are covered and everyone feels comfortable with the system before it gets installed. |
|
System Hacking System hacking involves both external and internal threats. Weaknesses like minimal password protection and outdated control systems increase the possibility of a hack into operating systems. When you’re managing multiple connected devices and equipment from different manufacturers, the security risk is increased. |
Advanced Integration Protocols A master systems integrator with system-wide, advanced integration, security, and analytics expertise can ensure your internal and external threats are identified and addressed via the most up-to-date technologies and open protocols. An integrator with deep domain knowledge can ensure system hacking and other vulnerabilities are effectively deterred and addressed and system components are updated as required across the operation. |
|
Cybersecurity Risks Integrated systems with vulnerable endpoints place buildings at significant risk for cybercrimes. If you are deploying technologies connected to heating, cooling, lighting, and IP-enabled devices, your system can potentially be breached by cybercriminals who gain unfiltered access to your internal systems. |
Intelligent Analysis and Securing Endpoints You can protect assets at risk for cybercrime by analyzing and securing endpoint connections throughout your building’s framework. With integration of smart technology and analytics built into your operational architecture, a master systems integrator can support your internal efforts to evaluate the secure postures of all devices that you’re connecting to a network, as well as work with you to develop VLAN and secure VPN strategies. |
Both physical and cybersecurity problems can be dangerous threats for commercial buildings. To effectively address building management system vulnerabilities, like insecure system configuration that opens the door to hackers, a partner who can provide comprehensive services is invaluable.
A crucial first step to achieving a secure smart building management system is for operational and IT teams to work together to establish cybersecurity standards for building system networks. Understanding our company’s VPN policies, IP address assignment process, network architecture standards and other networking details will get your smart building project off the ground much faster and with less concern over cybersecurity vulnerabilities.
Implementing a Smart Building Management System
There are risks everywhere, particularly when you own or operate large facilities or commercial buildings. That’s why it’s important to get ahead of vulnerabilities with an effective and cost-efficient strategy.
By implementing a smart building management system with integrated systems and intelligent analytics you can gain:
- A secure landscape for building automation systems and networks
- Immediate flagging of unexpected system access
- Managed remote access and traffic logs by user and role.
- A fault detection system that proactively identifies and addresses threats with minimal-to-no human intervention
- Effective change management to navigate the proper design, analytics, precision monitoring, and end-to-end controls for intelligent BMS network automation.
- Real-time, actionable insights and customized reporting with the ability to track network device status and bandwidth usage.
Buildings IOT can help you work through a cybersecurity strategy for your smart building systems with smart building solutions that deliver multiple layers of security and expertise in all areas of master integration. With our team of integration experts, including an in-house IT team dedicated to providing managed services for smart buildings, we can create a custom solution to give you total control, security, and visibility 24 hours a day.
Buildings IOT offers the services and technologies you need to address building management system vulnerabilities. Contact our team of experts today.
