How does data security relate to buildings?
Given our willingness to share our personal data, it’s also expected that residents are happy for hotels, concierges and body corporates to retain key information.
However, in many buildings a computer as old as the building typically runs the automation system application, graphics, and database. IT groups are not always aware of standalone computers for different facilities and therefore the device rarely receives critical security patches.
Often systems operate on legacy technology and, most building automation systems are old and not typically upgraded until a major update is absolutely necessary or something breaks.
Alarmingly, a failure to roll out mandatory security patches on employee computers caused the United Kingdom’s National Health Service to suffer a significant ransomware attack in 2017. The attack resulted in cancelled operations, diverted ambulances and patient records being made unavailable in England and Scotland.
Virtualising security patches in the cloud is one option of overcoming this ongoing challenge.
Education across functions is critical given few facility managers have an IT background. Systems are often designed, supplied and maintained under commercial contracts without cybersecurity protection ever being a top consideration. Vendors and products are not regularly assessed on their cybersecurity with landlords often failing to fully examine contracts to check who can access data generated.