Why Combining Building Automation & IT Can Cause Security Issues
Building automation is a hot topic for many companies. Those that haven’t yet hopped on the building automation bandwagon are anxious to do so. The so-called “smart building” is more secure and more efficient. A sophisticated, highly advanced technology manages everything from access to temperature control. By all accounts, using building automation should heighten firm security, but this isn’t always the case.
Everything in One Place
Building automation is primarily a means of ensuring a more secure space. However, a number of organizations are integrating their building automation system with their existing IT networks. This means that everything, from customer credit card numbers to elevator operation, is stored in one place, and that means vulnerability.
As a prominent example, recall the massive Target hack in 2013. Some people mistakenly believe that the hackers targeted the retail giant’s IT system, but actually they accessed the point of sale machines through the company’s HVAC system. They were able to do so because Target had streamlined their building automation with their existing IT. The result was massive financial losses for the retailer, which was also forced to recover from a lack of consumer trust.
Automation Without Risking Security
So how can an organization implement building automation without putting their other sensitive IT at risk? The answer is to keep the two systems strictly separate. This may mean keeping them physically separate in two locations. It also means making them logically separate so there is no direct connection between the two.
It’s almost inevitable, of course, that the two systems will have to communicate with each other occasionally. Virtual private networks and a series of well-configured firewalls can make this happen securely and effectively. These safeguards help to ensure that only authorized people can initiate communication between the two networks.
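One way to check the logical separation described above, as an added example that is not part of the original article: a short Python audit that flags any firewall allow rule bridging the building automation and IT networks outside an approved conduit. The subnets, rule names and the single approved flow are constructed for illustration.

```python
import ipaddress as ip

# Constructed zones and rules for illustration; none come from the article.
BAS = ip.ip_network("10.50.0.0/16")   # building automation (HVAC, access control)
IT = ip.ip_network("10.10.0.0/16")    # corporate IT / payment systems

# Approved conduits between the zones: (source, destination, protocol, port)
APPROVED = [
    (ip.ip_network("10.10.20.5/32"), ip.ip_network("10.50.1.10/32"), "tcp", 443),
]

RULES = [  # (name, action, source, destination, protocol, port); port None = any
    ("it-jump-to-bas-gw", "allow", "10.10.20.5/32", "10.50.1.10/32", "tcp", 443),
    ("vendor-remote",     "allow", "10.50.0.0/16",  "10.10.0.0/16",  "tcp", 3389),
    ("legacy-any",        "allow", "0.0.0.0/0",     "10.50.0.0/16",  "tcp", None),
    ("bas-internal",      "allow", "10.50.0.0/16",  "10.50.0.0/16",  "udp", 47808),  # BACnet/IP
    ("default-deny",      "deny",  "0.0.0.0/0",     "0.0.0.0/0",     "any", None),
]

def crosses(src, dst):
    """True if the rule can carry traffic from one zone into the other."""
    return (src.overlaps(BAS) and dst.overlaps(IT)) or \
           (src.overlaps(IT) and dst.overlaps(BAS))

def approved(src, dst, proto, port):
    """True if the rule stays entirely inside one approved conduit."""
    return any(src.subnet_of(a_src) and dst.subnet_of(a_dst)
               and proto == a_proto and port == a_port
               for a_src, a_dst, a_proto, a_port in APPROVED)

def audit(rules):
    """Return names of allow rules that bridge the zones outside a conduit.

    Rule order is ignored, so the check over-reports rather than under-reports.
    """
    findings = []
    for name, action, src, dst, proto, port in rules:
        src, dst = ip.ip_network(src), ip.ip_network(dst)
        if action == "allow" and crosses(src, dst) \
                and not approved(src, dst, proto, port):
            findings.append(name)
    return findings

if __name__ == "__main__":
    for name in audit(RULES):
        print("cross-zone rule outside approved conduits:", name)
```

The broad `legacy-any` rule is flagged even though it never names the IT subnet, because a source of `0.0.0.0/0` includes it.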
While no security measures can ensure that there will never be a breach of any system, maintaining separate, dedicated networks is a simple solution that can minimize problems and protect an organization’s most sensitive information.