In the past year, the number of internet-enabled (IoT) devices used to automate smart buildings has increased dramatically. Most new facilities now include an entire IoT Building Management System (BMS) that controls lighting, power, HVAC, security cameras, fire safety, elevator access and much more. These IoT-enabled systems are integrated into the corporate network to increase convenience and reduce operating and facility-management costs.

Unfortunately, this automation also has a downside. Most IoT devices ship with little or extremely weak built-in security, a critical problem that introduces a new level of risk and cybersecurity challenges for smart buildings. According to a recent survey by the Ponemon Institute, 46% of respondents have already (likely, most likely or definitely) experienced an attack as the result of an IoT application. Equally concerning, the same survey found that 75% are not confident that they know all of the IoT applications in their enterprise environment. Attackers regularly scan for these weaknesses and use them as a foothold into the network. Once inside, they steal valuable data or take control of a facility, demanding a ransom payment to return access and control to the rightful owners. When you consider the thousands of IoT-enabled sensors and devices in a smart building, these gaps represent a significant risk.
Incorporating cybersecurity into smart buildings is now a necessity. Recently, a large financial company building a new facility decided to design cybersecurity into the building at the initial design stage and found the approach very effective. The organization has over 10,000 endpoints, including over 3,000 IoT devices. Knowing that most IoT devices lack adequate security, it incorporated compensating controls that include complete visibility of every wired endpoint in the facility and strong network access control. The organization wanted to exceed industry cybersecurity requirements and integrated features such as:

  • Immediate, automated threat response to cybersecurity incidents. This limits damage to the environment by cutting incident containment time from months down to seconds.
  • Network access aligned with, and limited to, the access each user or corporate device actually needs. With centralized visibility and granular control over what can connect, the network access control system automatically determines which devices meet the minimum connection and security requirements, and records full details on each device's location, operating system, software versions and more.
  • Every BMS or corporate device is authenticated every time it connects or reconnects to the network, so that a spoofed address alone does not grant access.
  • Compensating controls for unsecured IoT devices, enabling the organization to cut off network access to any individual device that behaves suspiciously. This can be done manually after an alert or through automated threat response.
  • Every network device is assigned to a specific microsegment to limit the ability of malware or an intruder to move laterally through the network.
  • A complete record of every action taken by each endpoint, compiled to speed security review and meet compliance requirements.
  • Security automation and orchestration that integrates with the organization's other security tools to gather and deliver triaged alert lists, along with the contextual information for each alert, saving analysts hours of research time and resolving incidents sooner.
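The list above describes the admission decision such a deployment makes on every connect or reconnect: authenticate the device, check it against the minimum requirements for its class, place it in a class-specific microsegment, quarantine it on an alert, and record every decision for review. The following is an added example showing that policy as code; it is not Network Sentry's implementation or any code from the case study. The device records, version thresholds, segment names, identity store and alert text are all constructed for the demonstration.

```python
"""Illustrative NAC admission and automated-response policy for a smart
building. Added example, not Network Sentry's code; every device record,
threshold, segment name and alert below is constructed for the demo."""
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class Endpoint:
    mac: str
    identity: str        # 802.1X identity or certificate CN ("" if none)
    device_class: str    # "bms", "corporate" or "unknown"
    os_name: str
    os_version: tuple    # compared lexicographically, e.g. (10, 0, 19045)
    location: str        # switch/port or floor, kept for the audit record


# Constructed policy: minimum OS/firmware version per class, and the
# microsegment each class lands in when it passes every check.
MIN_VERSION = {
    "corporate": {"Windows": (10, 0, 19044), "macOS": (13, 0)},
    "bms": {"BMS-Firmware": (4, 2)},
}
SEGMENT_FOR_CLASS = {"bms": "VLAN-310-BMS", "corporate": "VLAN-100-CORP"}
QUARANTINE = "VLAN-999-QUARANTINE"


class AdmissionController:
    """Decides a segment every time an endpoint connects or reconnects."""

    def __init__(self, authorized_identities):
        self.authorized = set(authorized_identities)  # from the identity store
        self.quarantined = set()                       # MACs isolated by response
        self.audit = []                                # one record per decision

    def _decide(self, ep, segment, reason):
        # Every decision, allow or deny, is written to the audit trail.
        self.audit.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "mac": ep.mac, "identity": ep.identity, "location": ep.location,
            "os": f"{ep.os_name} {'.'.join(map(str, ep.os_version))}",
            "segment": segment, "reason": reason,
        })
        return segment

    def admit(self, ep):
        # 1. Anything already isolated stays isolated until an analyst clears it.
        if ep.mac in self.quarantined:
            return self._decide(ep, QUARANTINE, "previously quarantined")
        # 2. Authenticate on every connect. The MAC is only an inventory key;
        #    it is trivially spoofed, so the decision hinges on the identity.
        if not ep.identity or ep.identity not in self.authorized:
            return self._decide(ep, QUARANTINE, "unauthenticated identity")
        # 3. Unknown device classes never get a production segment.
        if ep.device_class not in SEGMENT_FOR_CLASS:
            return self._decide(ep, QUARANTINE, "unknown device class")
        # 4. Posture check: OS/firmware must meet the minimum for its class.
        minimum = MIN_VERSION[ep.device_class].get(ep.os_name)
        if minimum is None or ep.os_version < minimum:
            return self._decide(ep, QUARANTINE, "fails minimum version policy")
        # 5. Passed: place in the class microsegment, never on a flat network.
        return self._decide(ep, SEGMENT_FOR_CLASS[ep.device_class], "meets policy")

    def handle_alert(self, ep, alert):
        """Automated threat response: isolate the endpoint the alert names."""
        self.quarantined.add(ep.mac)
        return self._decide(ep, QUARANTINE, f"alert: {alert}")

    def release(self, ep, analyst):
        """Manual clearance after review; the next admit() re-checks posture."""
        self.quarantined.discard(ep.mac)
        self._decide(ep, "pending-reconnect", f"released by {analyst}")


def demo():
    """Runs constructed endpoints through the policy; returns their segments."""
    ctl = AdmissionController({"bms-ahu-03", "CN=laptop-4711"})
    ahu = Endpoint("00:1b:44:11:3a:b7", "bms-ahu-03", "bms",
                   "BMS-Firmware", (4, 3, 1), "floor3/sw2/gi1/7")
    laptop = Endpoint("3c:22:fb:0a:9e:01", "CN=laptop-4711", "corporate",
                      "Windows", (10, 0, 19041), "floor5/sw1/gi1/12")
    camera = Endpoint("a4:14:37:00:11:22", "", "unknown",
                      "Linux", (4, 9), "lobby/sw0/gi1/2")
    result = {"ahu": ctl.admit(ahu), "laptop": ctl.admit(laptop),
              "camera": ctl.admit(camera)}
    # Constructed alert: the air handler starts scanning the internal network.
    ctl.handle_alert(ahu, "outbound connections to 50 internal hosts in 10s")
    result["ahu_after_alert"] = ctl.admit(ahu)   # stays isolated on reconnect
    result["audit_records"] = len(ctl.audit)
    return result


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The three checks run in a fixed order on purpose: a quarantined device is never re-admitted just because its posture looks fine, and authentication is evaluated before posture so that a spoofed MAC with a plausible OS string still lands in quarantine. The laptop in the demo is a legitimate, authenticated corporate asset that is nonetheless isolated because its build predates the minimum, which is the "meets the minimum connection and security requirements" check from the list.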

In addition to these benefits, the security automation and orchestration solution chosen for this project also let the organization run weekly reports during the build to track construction progress by counting how many sensors and devices had been connected that week. To keep cybersecurity as comprehensive as possible even during construction, the organization locked down the production network so that vendors could not use it and leave behind network security gaps. All vendors were required to use a separate, temporary network during the construction phase.
Given the number of unsecured IoT devices, building owners and operators must address cybersecurity in both existing buildings and new construction to avoid damaging cyber-attacks. Read a more detailed case study on this smart building project, or to find out more about how Network Sentry secures network access, visit