Don't Let Your Building Automation System Take Down the Internet

Did you hear the one about the building automation system that took down the internet?

That sounds like the beginning of a very bad joke, but a review of national news shows this could be more reality than joke.

The term, Internet of Things (IOT) refers to the ecosystem of internet-connected devices that make our lives easier. For example, you can close your garage door from the office, adjust the temperature in your house from the airport, and even turn the lights on for the dog sitter while you sip a Mai Tai on the beach. The IOT seems great at first glance, but a deeper look shows that it has also opened the door to a whole new threat: mini computer cyber attacks.

Each device--garage door opener, light fixture, and thermostat-- has inside it a mini computer which connects it to the internet. This is why you can sip that Mai Tai on the beach and with a touch of button turn on the lights for the dog sitter. This is also why cyber-hackers were able to cripple the internet last week

The IOT concept has slowly made its way from the consumer market to the commercial and industrial markets. In fact, many building automation systems are moving to web-based and internet-ready devices to control buildings. While this does bring a potential increase in productivity, it is not without risk. But, there are ways to minimize those risks. 

4 Ways to Keep Your Building Automation System Safe

  1. Limit the use of wireless signals. Although wireless signals can make project management easier, they should be used sparingly. If it's traveling through the air, it can be grabbed by hackers giving them a way into your facility's automation system.

  2. Use VPNs when sharing a common physical network. Even if your data network is fairly secure, many building automation systems access the internet for weather forecasts and remote access. This creates an entry point into your network. A VPN helps by keeping the two networks separate from each other even when they run on the same cabling.
  3. Separate physical networks. Using a separate network for your building automation system protects both the system and your regular data from security risks because it's impossible to tunnel from one system to the other.
  4. Man the station. If your facility always has someone on site, you can eliminate remote--and hacker--access completely.

These are just a few strategies that can be employed to protect your network and building automation system. Don't let your facility be the next easy access point for hackers to take down the internet.

Scott Dusenbury_lr-1.jpg

Authored by Scott Dusenbury, PE, CEM, Assistant Director of Mechanical Engineering. Scott is a Certified Energy Manager through the Association of Energy Engineers. His expertise in building automation and control system design has helped many of our clients maintain their facilities.