Tips on Preventing a Security Breach
Developing, testing, and deploying security measures in buildings needs to be an ongoing activity, built into the operation of the building. Here are some suggestions for the first steps:
Assign a dedicated network administrator for building control systems, with the responsibility for ongoing network security. The network administrator should coordinate security efforts and responses, as well as internal and external assistance.
Baseline your network. Know what normal traffic is. Identify the indicators of an attack. If facility management is spearheading the effort, bring in your IT department early on.
Take a comprehensive approach. Assess every building system, the vulnerabilities, and what the loss or disruption of the systems will mean to building operations and occupants along with the financial impact.
Start with the use of IT security measures on the building automation networks. Understand that while the IT security measures are valuable they may not apply to all systems or portions of building control systems. For example, at the field or application control level, you may find controllers with limited processing power and memory utilizing a limited bandwidth network.
- 1. Provide physical security in areas or spaces where BAS network cable runs.
- 2. Encrypt your network traffic.
- 3. Secure any wireless network
Take into consideration the human aspects of security; the greatest threat is from the inside; disgruntled employees, employees taking shortcuts or bringing in their own laptop. Develop policies on passwords, configurations, settings, and a training program.
Comprehensively securing a building not only involves access control and video surveillance, or an IT security program, but must also include the building control and automation systems.