Deploying a smart building program to ensure cybersecurity

In part two of our CRE cybersecurity series, we explained that cybersecurity vulnerabilities are widespread in both smart and non-smart buildings alike. The last three decades of CRE technology development and undocumented contract work means that most buildings are currently vulnerable to cyberattacks. As a result, a site audit is imperative to establish the health of a network and whether or not any sensors are unencrypted. While step two indicates the current health of a building, there is more to be done to fortify your portfolio. In this third and final installment of the series we discuss how a well-executed smart building program can ensure airtight CRE cybersecurity throughout your portfolio.

Taking cybersecurity to the next level

An effective smart building program helps properties run more efficiently, enabling facility and real estate teams to do more, faster and with less effort. As new technologies enter the market, real estate professionals must familiarize themselves with vendor offerings and how to procure the best solution for their unique business and operational goals. Follow these three smart building strategies to safeguard your portfolio against cyberattacks:

  1. Deploy a comprehensive smart building platform.
    An effective smart building program provides end users with a centralized source of actionable insight to drive asset visibility and improve building performance. This is a powerful cybersecurity tool that empowers your facilities management (FM) team to easily perform continuous commissioning and regularly assess device connectivity and network integrity. Additionally, cloud-hosted smart building platforms can be remotely updated to protect against the latest malware.
  2. Ensure every building is connected to its own secure IoT appliance. Until recently, it was commonplace for sensor connections to be simple, unencrypted and exposed to the internet, often without a standardized internal logging process for future site teams. Sensors plugged into unprotected connections enable unauthorized external agents – or “hackers” – to change unit configurations, sometimes leading to disastrous data leaks and functionality tampering. An unprotected BACnet could leave you completely exposed if using standard, default IT configurations. In contrast, a secure IoT appliance forms an airtight link between onsite solutions and a centralized data platform via banking-grade encryption.
  3. Decommission obsolete, legacy or ‘unsmart’ devices and install IoT-enabled solutions. Assets can become stranded as more advanced and efficient building equipment is purchased and installed. ‘Unsmart’ legacy equipment that doesn’t feed real-time performance data to a BMS or smart building platform are more difficult to monitor and manage and the resulting inefficiency can increase these devices’ lifecycle cost. Unfortunately, as we discussed in part 1 of our cybersecurity series, these ’unsmart’ systems can still be vulnerable to cyberattacks. Buildings in U.S. cities are particularly at risk due to the prevalence and diversity of vulnerable, legacy systems in use. Therefore, it’s crucial to decommission older systems where possible to make room for new sensors that provide precise, timely insight into your building performance.

Beyond CRE cybersecurity

A centralized hub of building performance data makes it easy for FM teams to identify and prioritize site performance issues. The use of building performance data to drive optimization is an industry inevitability that will lower costs and boost occupant comfort. While strong cybersecurity is an integral component of a healthy commercial real estate portfolio, it’s just one of many benefits associated with an effective smart building program.

For the latest technology and CRE cybersecurity news and tips, sign up for Switch Automation’s e-newsletter.

Sign up