Page 20 - REALCOMM EDGE-Fall 2017-FINAL
P. 20
Intelligent BUILDINGS
by
damage. The technology architecture should address the It will not replace traditional monitor and control systems
basics of remote access to the building, individual system and vendors, but merely monitor equipment and work done Reduce costs. Happier tenants. True sustainability.
configurations and in-building networking. Remote access is by those traditional vendors. This phase will also be accom-
simply the way that vendors or even staff connect in to the panied by a vendor cyber policy for contracts and service
building via the Internet and often includes methods such as agreements. The final element of managing the plan will SMART BUILDINGS RUN ON NANTUM.
virtual private network (VPN), but also requires vendor policy include the last two aspects of the NIST framework which
on use of remote access and their internal methods. The are ‘respond and recover’. A proper remediation plan not
system configuration is about what is inside each individual only includes people, assets and action but also the more
system that creates risk. In other words, even if you had Fort subtle issue of insurance. This area is a nearly completely ne- • Reduce expenses, increase NOI. • Predict and prescribe future actions
Knox from a remote access perspective, the individual sys- glected aspect of insurance in general liability, property and with machine learning.
tems could have too many users, administrative permissions, casualty, and cyber insurance riders. After nearly two years of • Future proof your buildings with the
old passwords and a host of other problems. Additionally, research and interviewing the large carriers, aggregators and world’s first operating system for the • Break down data silos with a
each system is connected to either a common network or consultants in the insurance industry it has become clear built environment. converged system.
multiple silo networks—hence monitoring traffic patterns that building controls cyber incidents are not spelled out
inside the building can indicate unauthorized connectivity and a more thoughtful process is required. Like the overall
inside the building. This type of monitoring can spot or approach to building cyber security, the insurance issue
prevent unauthorized physical connections on site as well as should be driven by and demanded by the building owner.
network-hopping. This very ‘doable’ three step plan does not have to be expen-
3. Implantation & Management—After assessing, prioritizing sive because all that’s required is the focus on generally soft solu-
and developing a manageable strategy, it’s time to start fix- tions such as consulting services, site services and software. There
ing the problem. You are now installing an infrastructure that is generally no need or benefit from ‘rip and replace’ of existing
will stay on with the building even as systems and contrac- equipment—and building cyber security can also become part
tors come and go. This process is not complex and consists of new design and construction standards that prevent many of
mostly of ‘soft’ components such as software and services. the risks right up front. The hardest part of the process is identi-
fying who in the organization has responsibility and authority to
own and carry out a plan for addressing the existing risks. This is
THE LEADER IN SMART BUILDING SERVICES a rare topic in real estate development and management that is
not a classic return on investment (ROI) financial analysis, but a
CONSULTING ON OVER $2 BILLION IN NEW DEVELOPMENT
CLIENTS WITH OVER 2 BILLION SQUARE FEET straight risk calculation—albeit with clear financial consequences
for ignoring it.
While the facts speak for themselves, it has also been illumi-
nating to see the industry chatter increasing each month as new
Strategy & Design threats, new examples and the broader cyber news stories alert
Integration & Implementation owners and operators to the size and urgency of the situation.
Additionally, the growing wave of effective and ever-increas-
Building Cyber Protection
ing ‘big data’ solutions such as energy fault analytics, building
operations centers, unified user interfaces (UUI) and various
smart controls, reinforces raising the question of just how secure
the building connections are and how secure the building data
storage is.
We should all advocate—at the very least—that organizations
identify who owns the issue internally (not vendors) and chal-
lenge them to take the first step of an inventory and assessment
www.intelligentbuildings.com
of all building controls cyber risks areas.
Tom Shircliff and Rob Murchison are co-founders of Intelligent Buildings, LLC,
a nationally recognized smart real estate advisory services company founded in Built By People Who Run Buildings, For People Who Run Buildings
2004. Intelligent Buildings provides planning and implementation of next genera-
tion strategy for new buildings, existing portfolios and smart communities.
www.prescriptivedata.io
18 Realcomm
