Page 28 - REALCOMM EDGE-Fall 2017-FINAL
P. 28
Editorial
Five Reasons Your Building Isn’t as
Secure as You Think
Garrett Suhm
Chief Security Officer
5Q Partners
uilding technology and security are often seen as an more inbound firewall ports so the DVR is easily accessible from
afterthought to building operations. Frequently, assump- anywhere. This is commonly done so the building engineer can
B tions are made that everything is secure from today’s remotely monitor their cameras. While having remote access to
cybersecurity threats, or the risk is low because buildings aren’t the cameras is incredibly convenient, it is also a security threat.
e-commerce platforms or other obvious targets. But are you real- These DVRs are rarely patched, and outdated firmware versions
ly secure? Many buildings have internal systems that were built in can become easily exploited, especially when internet accessible.
a simpler time, often with security as an afterthought—think de-
fault passwords, unpatched control #2) We Don’t Need No Stinking
systems, and operating systems that Firewall
are no longer maintained or patched. Do your properties have modern
In a world where cybersecurity is a firewalls with up-to-date patches
daily headline, complacency for IT and monitoring? Consider yourself
operations in commercial buildings is in the minority if you do. There are
truly a false economy. While e-com- many properties that simply have
merce and data centers may get the an old consumer router that hasn’t
bulk of the attention from hackers, been patched in years, or possibly
targeting building systems can be worse, just the box furnished
easy prey for the bad guys out there. by the internet provider. Those
We have spent considerable ener- boxes do a fine job providing
gy analyzing and documenting the Internet connectivity, but provide
inner workings of building systems, “In a world where cybersecurity is a daily zero control over traffic and lack
and—not surprisingly—found many headline, complacency for IT operations basic or advanced monitoring
weaknesses that could be exploit- in commercial buildings is truly capabilities. They don’t include
ed by hackers, compromising your things like content filtering,
systems or tenants, and creating a false economy.” advanced malware protection, and
unwanted reputational risk. The fol- intrusion detection and prevention
lowing Top Five list is comprised of actual findings encountered (IDS/IPS). To add insult to injury, these providers by default openly
during our efforts to secure building systems from cyber attacks. advertise wireless access points that the public can attach to. Do
you really want the public on your WiFi sucking up bandwidth
#1) The Unpatched Digital Video Recorder (DVR) and unmonitored for abuse? And if the cable company isn’t
Building surveillance systems are incredibly common—the trying to give away your WiFi, you can bet that someone inside
technology is inexpensive enough that even the smallest has tried, which leads us to:
properties have installed cameras and other monitoring
devices. The vendor that is responsible for installation is often #3) Free Wi-Fi for Everyone!
not concerned with the security implications of the digital Wireless is a great advance which has transformed how we
video recorder (DVR) or digital video cameras that are network work over the last 20 years. But this convenience has created a
accessible. We consistently see many DVRs sitting on the same completely new security challenge. Remember that engineer
network as other building systems. To make matters worse, that briefly worked at your building last year? Well, he installed
recent DVRs now have Internet-enabled features. For the a $20 access point on your network so he could get internet
vendor to enable these features, they typically open one or while in the cafeteria. And now there are 50 people on your
26 Realcomm
