The age of the separation of Facilities from IT is quickly ending with the introduction of Building Automation Systems and the Internet of Things (IoT).
With this new age of convergence, Cyber Security is of top concern for institutions of all sizes. We’ll discuss how this age of convergence relates to current Cyber Security concerns and will give a case study with one of the largest organizations in the world.
SMART BUILDING:
IP Based Connectivity – IoT
Data Historians / Applications For Functionality – Predictive Maintenance
Integral Vs Integrated Hardware
Open Procurement of Hardware / Controllers
Smart Grid / Micro-grid
Feel Safe And Secure
Not Too Hot – Not Too Cold
Clean Restrooms
Common Space Management - Easy
Space Registration
Parking Made Easy
Automated Access – Facial Recognition
Occupancy Analytics
Way Findings/Digital Signage
HOW BIG IS THIS PROBLEM?
THE HUMAN ELEMENT OF OWNERSHIP-TURF WAR
DRIVING FORCE OF MANAGING A FACILITY - BUILDING INFORMATION MODELING (BIM):
Predictive Maintenance
Facility Staff - Silo vs. Multi-functional
Building Applications – Affects Costs And Competitiveness
Augmented Reality (AR) For Operations
Machine Learning / Artificial Intelligence
Dashboards
ATTACK VECTORS – 7 DOMAINS OF A TYPICAL IT INFRASTRUCTURE
All 7-Domains of Infrastructure
Third Party Risk
Internal Risk
External Risk
Sensor Networks
Enterprise
Private Cloud
Public Cloud
Core/Backbone Network
Distribution/Server Farm Network
Access/Edge Switches
DRIVING FORCE OF SECURING A FACILITY BIM – IT AND INFOSEC
Pros – Using the Converged Network
Moderately Reduced CAPEX investment in infrastructure (rooms/spaces, network switches and other active network electronics)
Reduced OPEX investment in management
Managed by a single department or team
Single network to secure
Single network to monitor
Single set of network equipment to apply firmware updates and patches
Training to stay current on just one manufacturer’s equipment configuration firmware
Cons – Using the Converged Network
Increased cybersecurity vulnerability to endpoint failure modes, for Enterprise network operations
Increased management requirement for logical separation of networks. (L2 and L3)
Increased initial resource investment in creating logical infrastructure compatible with Cybersecurity standards
Who handles SOC, CSIRT, CISO?
Lack of cybersecurity controls could be construed by SEC as a “willful violation” of Section 404 of Sarbanes-Oxley Act (carries criminal penalties for CEO, CFO)
Maintaining Cyber compliance on project timelines and system deployment timelines
Enterprise connectivity to Facility networks
DRIVING FORCE OF MANAGING A FACILITY BIM
Pros – Using Segregated Facility Run Network
Reduced cybersecurity vulnerability - Intruders would have potential access to comparatively less on the network
May be able to operate Facilities systems network switch ports over comparatively longer timetables than standard IT systems switch ports
Comparatively fewer complications and associated project and system deployment timeline issues related to maintaining compliance
Reduced vulnerability to endpoint failure modes, for Enterprise network operations
Reduced management requirement for hardware (Layer 2 vs Layer 3 Switches)
Firmware the only major ongoing concern as logical segregation is not an issue (VLANs)
Cons – Using Segregated Facility Run Network
Cost deferment of less-sophisticated hardware is offset by greater number of devices (switches, etc.)
Replacing network switch ports for Facility systems on standard IT systems timetables (typically years
If different manufacturer equipment is used, up to 2x the training to stay current on equipment configuration firmware
If managed by separate departments or teams:
Duplication of staff = increases OPEX
If IT manages Facilities-owned network, increased interdepartmental coordination
Multiple networks to secure, monitor and apply firmware updates and patches
WHO IS GOING TO WIN AND HOW CAN BOTH FACILITIES AND IT WIN?
Contact us today and find out how we can help your company solve this on-going battle and create your IoT strategic plan.