Home > Buildings > Building Management > Checklist to help secure your Building Management Systems and to prevent cybercrime

Building Management

Checklist to help secure your Building Management Systems and to prevent cybercrime

4 min read | Darren Lovelock

This audio was created using Microsoft Azure Speech Services

Darren Lovelock is Managing Director at Lloret Group, a certified Building Management Systems (BMS) EcoXpert.

Cybercrime is on the increase, yet some businesses still don’t take the matter seriously enough.

Once upon a time in Hollywood, the perpetrator of cybercrime had a name – Hans Gruber – and a face – he looked just like Alan Rickman. Unfortunately for the ruthless Gruber, he also had a nemesis – John McClane (Bruce Willis) – a New York cop so tough and dedicated that he would literally walk barefoot on broken glass to thwart his adversary.

John McTiernan’s blockbuster, Die Hard, premiered in 1988: office workers at a company Christmas party in Nakatomi Plaza were apparently held to ransom by a group of terrorists with a political grievance. The villains hacked the building control systems to take control of the elevators and doorways to trap their victims on the top floor of the skyscraper. Both the systems and hacking seemed state-of-the-art at the time.

building management systems

Leveraging building management systems technologies to reduce cybercrimes

Fast forward a little more than 30 years: Today, it’s doubtful that many of those responsible for ensuring elevators are in the right place at the right time, and building access control granted to the right people are doing so without some form of building automation. Technologies like intelligent sensors and controls, security and entry management systems, computer networks, and more have become ubiquitous.

Technology plays a major role in ensuring the effectiveness and efficiency of commercial building property. But just as its deployment has increased, so too have fears about its abuse. Concerns surrounding the connectedness of everything have grown just as the number of so-called ‘attack surfaces’ have proliferated.

Research by the Department for Digital, Culture, Media, and Sport (Cyber Security Breaches Survey 2021: Statistical Release) indicates that four out of ten businesses (39%) report having had cybersecurity breaches or attacks over the last 12 months. One in five of those ended up losing money, data, or other assets. The frequency and consequences tend to be greater for medium and large enterprises than small businesses.

According to the research, the impact of the pandemic on corporate networks includes a fall in the proportion of businesses taking basic actions such as keeping malware updated and setting up firewalls. With the widespread emphasis on commercial continuity as staff started to work from home, it is thought that cybersecurity teams are now facing competing priorities. In some cases, they are having to choose between IT service continuity and building maintenance operations, and tasks such as patching software.

With the lifting of most legal requirements surrounding lockdown, it’s reasonable to expect an increase in return to office-based working. The study suggests that as a new hybrid work culture emerges, workers may be less receptive to cybersecurity approaches that might require locking down end-user activity. With staff starting to attend premises in greater numbers, it’s a good time to review measures in place to identify, manage and mitigate the risks associated with cybercrime.

Building management systems cybersecurity checklist

Accordingly, Lloret recommends the following actions as a minimum to establish best practices:

  1. Replace all default or weak passwords.
  2. Turn off all unnecessary services within the controller, such as web interfaces.
  3. Where possible, lock network access down to controller level.
  4. Secure remote connectivity with a Virtual Private Network (VPN) or equivalent.
  5. Consider physical security as well as cybersecurity including all data points in secure locations.
  6. Ensure that cybersecurity forms a fundamental part of the design process.

For more information

So to keep ‘villains’ away from your buildings, contact the Lloret Group for help following the cybersecurity checklist or visit the Lloret Group website.

Global100 Schneider Electric has been recognized as the world’s most sustainable corporation in 2021 by Corporate Knights Global 100 Index.

EcoXperts are the Enablers of Buildings of the Future

The EcoXpert Partner Program is unique in its industry and made up of a best-in-class global ecosystem of expertise. Trained and certified by Schneider Electric, EcoXperts are the implementation arms of EcoStruxure and Wiser all over the world.

Buildings of the Future is about delivering solutions for the sustainable, resilient, hyper-efficient, and people-centric buildings that our customers need. For our EcoXpert partners, this unveils immense growth opportunity through the transition to end-to-end portfolio sales that will resolve our customers’ most critical needs. For our shared customers, this means that together with our EcoXpert partners, we will drive the building industry transformation and help our customers survive and thrive today – and tomorrow.

Visit EcoXpert to learn more.

Discover Buildings of the Future.

Learn more about Lloret Group

The Lloret Group offers building management system (BMS) control systems, BMS maintenance, energy, and fire and security services.

You need the right solution for the right requirement. You don’t want to add technology for technology’s sake. At Lloret Group, we will work with you to provide a system which is compliant, appropriate, and technically relevant.

Lloret Group is at the forefront of innovative design and we embrace new technology to enable this. Our systems are easy to use and we aim to achieve all your needs through early engagement and offering flexibility in our design.

Our expertise and system installation capability includes Schneider Electric, Trend, Tridium, Honeywell, Omron and Distech control systems. Our Open Protocol Systems enable these different systems to ‘talk’ to one another integrating all the functions of your building in to one seamless system.

The Lloret Maintenance division is an established BMS maintenance provider and we specialise in the service, support, and after-care of BMS and discrete control systems.

For more information, visit the Lloret Group website.

 

Learn more about Buildings of the Future

Want to see how Lloret Group, a Schneider Electric EcoXpert partner, is helping to enable Buildings of the Future? Read more here.

Lloret is also registered to become specialized in the following EcoXpert specialization: Real Estate.

Interested in learning about the EcoXpert Partner Program? Visit the EcoXpert website for more details around benefits for our business partners.

 

Tags: , , , , , , ,

Top picks