Digital technology is impossible to avoid in all areas of our lives now. Whether you carry it in your pocket, your bag, use it at work, at home or it is used to control aspects of a building which you live or work, smart building controls are an area of rapid growth therefore the associated cyber security aspects should be carefully considered.
There is a strong relationship between the digital and physical world. Cyber breaches doesn’t only result in losses of data or funds but can also have real world consequences. For example if the security of a digitised fire system was breached, it could have an effect on the fire safety response which in turn could affect the physical state of the building.
Cyber risks to the buildings industry does not only affect building occupiers but can also affect building designers, contractors, building owners and managers. Cyber security and data retention choices made by any of the parties mentioned can have weighty consequences for the others, therefore decisions should be made taking a holistic approach to the property.
Building contractors and designers
Building planing and design is a process that generates large volumes of digital information. This information has to be accessible by multiple parties throughout the life cycle of the creation of a building to ensure collaborative working, and assist in build planning and budgeting.
Real-estate is a growing target for cyber enabled fraud, with a range of small to very large organisations inhabiting buildings, building projects are susceptible to fraud schemes involving supplier invoicing and purchasing teams. According to research, fraud schemes of this type are increasing significantly year on year.
Smart buildings gives owners and managers the ability to monitor and influence their internal environments. Smart building features increases a buildings attractiveness to both buyers and tenants as well as increasing the overall value of the space available on offer. The downside is that technological improvements bring forward cyber risks therefore decisions surrounding technological advancements need to take into account future security and business continuity.
Smart buildings generate a large amount of data, therefore there is an increased responsibility towards data protection and security. With the introduction of the General Data Protection Regulation (GDPR) on May 25th 2018, Building Managers will need to ensure that the data gathered is treated in accordance with the new regulations as employees and users of the building now have the right to request copies of the data held on them. For example the type of data held by a smart building can be staff movements, this could be used for workspace optimisation or health and safety procedures.
Building management systems will require regular monitoring to ensure there is no disruption to the business by unauthorised access. It is important to note that office IT and the building management systems should be managed separately to reduce the likelihood of a data breach.
Most individuals are oblivious to the amount of data that Is collected about them as they go about their daily activities. From mobile devices to footfall counting, ones daily environment is a harvester of personal data.
A plus side to GDPR is that now individuals have the right to access data held on them and have it amended, corrected or deleted. In future building managers and owners may need to provide proof of being able to meet these requirements as part of decision making processes for future building occupiers.
As the building environment increases its dependency on technology, cyber security and data protection becomes more important. It is important to strike a balance between business priorities and cyber/data protection. The results of data breaches can be catastrophic and are therefore best avoided.