Let's Chat

Please select a below topic related to your inquiry and we’ll get back to you shortly.

Afghanistan
Albania
Algeria
Andorra
Angola
Antigua and Barbuda
Argentina
Armenia
Australia
Austria
Azerbaijan
The Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bhutan
Bolivia
Bosnia and Herzegovina
Botswana
Brazil
Brunei
Bulgaria
Burkina Faso
Burundi
Cabo Verde
Cambodia
Cameroon
Canada
Central African Republic
Chad
Chile
China
Colombia
Comoros
Congo, Democratic Republic of the
Congo, Republic of the
Costa Rica
Côte d’Ivoire
Croatia
Cuba
Cyprus
Czech Republic
Denmark
Djibouti
Dominica
Dominican Republic
East Timor (Timor-Leste)
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Eswatini
Ethiopia
Fiji
Finland
France
Gabon
The Gambia
Georgia
Germany
Ghana
Greece
Grenada
Guatemala
Guinea
Guinea-Bissau
Guyana
Haiti
Honduras
Hungary
Iceland
India
Indonesia
Iran
Iraq
Ireland
Israel
Italy
Jamaica
Japan
Jordan
Kazakhstan
Kenya
Kiribati
Korea, North
Korea, South
Kosovo
Kuwait
Kyrgyzstan
Laos
Latvia
Lebanon
Lesotho
Liberia
Libya
Liechtenstein
Lithuania
Luxembourg
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Mauritania
Mauritius
Mexico
Micronesia, Federated States of
Moldova
Monaco
Mongolia
Montenegro
Morocco
Mozambique
Myanmar (Burma)
Namibia
Nauru
Nepal
Netherlands
New Zealand
Nicaragua
Niger
Nigeria
North Macedonia
Norway
Oman
Pakistan
Palau
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Poland
Portugal
Qatar
Romania
Russia
Rwanda
Saint Kitts and Nevis
Saint Lucia
Saint Vincent and the Grenadines
Samoa
San Marino
Sao Tome and Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Singapore
Slovakia
Slovenia
Solomon Islands
Somalia
South Africa
Spain
Sri Lanka
Sudan
Sudan, South
Suriname
Sweden
Switzerland
Syria
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tonga
Trinidad and Tobago
Tunisia
Turkey
Turkmenistan
Tuvalu
Uganda
Ukraine
United Arab Emirates
United Kingdom
United States
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Yemen
Zambia
Zimbabwe

For more information about how Switch handles your personal data, please see our Privacy Policy.

Thank you!
Your submission has been received!
Oops! Something went wrong while submitting the form.
How to identify security vulnerabilities in your network

How to identify security vulnerabilities in your network

Completing a site audit will create a foundation for your cybersecurity strategy and further investment into a scalable smart building program.

In part one of our CRE cybersecurity series we discussed the perceived risks associated with IoT and how it’s often thought to lead to compromised cybersecurity. The unfortunate reality is that disconnected buildings are often just as vulnerable to cyberattacks as their connected counterparts, as older buildings can contain units that are internet-active and unencrypted, all without the facilities management (FM) team’s knowledge. In addition, an older BMS can expose your portfolio to information leaks and cyberattacks if not updated to protect against the latest malware.

Identifying the holes in your cybersecurity

If you’re not sure how vulnerable your organization is to cyberattacks, the first step should be to execute a comprehensive site audit, including the building network, BMS, all sub-systems, and any IoT devices. Log all previous contractors that have had maintenance contracts and ensure you consistently capture the software they use and how they gain external access to your buildings. Unfortunately, it’s not uncommon for critical systems to be commissioned and deployed from contractor laptops with no handover or internal back up of those files. The audit should therefore include the manufacturer, model, firmware versions, points of external access, usernames, passwords and the locations of all system configuration files.

What is a Data Commissioning Report?

A comprehensive audit should conclude with a Data Commissioning Report, evaluating the performance of each connected device and sensor. A Data Commissioning Report provides a list of issues that need to be resolved by a controls or network vendor, as well as a summary of the building systems capable of being integrated into a smart building platform. Some common issues highlighted by a Data Commissioning Report include:

  • Disconnected or inconsistent connectivity of building systems
  • Systems not commissioned as directed
  • Poorly named points and/or tagging schemas
  • Inconsistent sensor polling counts
  • Erroneous sensor readings
  • Data points not responding to BACnet commands
  • Network outages resulting in entire sections of the building not reporting data

While cybersecurity risks are typically hidden in the underlying IT and OT systems, this report should complement your cybersecurity audit, providing a comprehensive list of your sensors, highlighting which are disconnected, miscalibrated or broken.

Creating a foundation for your smart building journey

Completing a site audit will create a foundation for your cybersecurity strategy and further investment into a scalable smart building program. Contrary to what the headlines lead us to believe, embracing IoT technology is key to improving cybersecurity, when implemented correctly. Having discovered your portfolio’s cybersecurity weaknesses, you’ll then need to address them - find out how in part 3 of our CRE cybersecurity series.

Talk to a smart building expert to learn more about how Switch helps portfolio managers reach their sustainability goals.

Let's Chat
PUBLISHED
March 20, 2019
Switch Team
Switch Team
Switch Automation
RELATED TAGS
No items found.
SHARE THIS ARTICLE

Filter by

Thought Leadership

5 articles found

Industry Insight

Emissions Regulations for US & Canadian Building Owners: What You Need to Know

When it comes to being a building owner or operator, you have a lot to balance.

Switch Team
Switch Automation
Read Article
Industry Insight

Switch Automation at the Blueprint 2022 in Las Vegas

Switch team had the pleasure of participating in the Blueprint 2022 in Las Vegas last September, convening with the industry's thought leaders and key companies

Switch Team
Switch Automation
Read Article
People Culture

Switch Celebrates Wear It Purple Day

Switch celebrates Wear It Purple Day 2022—an international movement of expression, celebration and support.

Switch Team
Switch Automation
Read Article
Product

How to choose the best building management app

A good building management app helps commercial property managers streamline operations, save time and cut costs. Select the right one by following these tips.

Switch Team
Switch Automation
Read Article
Industry Insight

Investing in the Future of Higher Education and Universities with Digital Facilities Management

With the onset of climate change to drive the global sustainability agenda, energy consumption in the educational sector is both an environmental and financial concern for schools and universities. How can universities leverage the adoption of intelligent building technology to improve energy efficiency?

Switch Team
Switch Automation
Read Article
People Culture

Switch Spotlight: Andrew Chee

Get to know our Switchers as we share our journeys in the smart building industry and what it’s like working at Switch!

Switch Team
Switch Automation
Read Article

Latest articles

Industry Insight

Emissions Regulations for US & Canadian Building Owners: What You Need to Know

When it comes to being a building owner or operator, you have a lot to balance.

Industry Insight

Switch Automation at the Blueprint 2022 in Las Vegas

Switch team had the pleasure of participating in the Blueprint 2022 in Las Vegas last September, convening with the industry's thought leaders and key companies

People Culture

Switch Celebrates Wear It Purple Day

Switch celebrates Wear It Purple Day 2022—an international movement of expression, celebration and support.

Stay connected with us

If you don't want to miss any updates, make sure to subscribe

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.