Close

Securing the Smart Office with IT Expertise

avatar
Published on October 21, 2022 by

Andrew Sweeney

Smart office adoption enables a more interactive environment for workers, but more connected IoT devices and applications open the door to performance and security issues. To minimize risks there’s a strong argument for IT to take a leading role in managing them.

A new report forecasts the global smart office market will reach US$ 90.61 billion by 2030, nearly tripling in the ten years from 2020. While the pandemic may initially have slowed growth, it brought with it new reasons to implement smart capabilities.

For companies wishing to tempt employees back after lockdowns, smart offices showed how they were following regulations and keeping everyone safe. By connecting sensors, they could maintain records on the number of people in a space at any time, introduce no-touch surfaces on doors and elevators, activate partitions, and use air quality measurements to adjust HVAC settings or trigger the opening of windows or doors for better ventilation.

Moving forward, using facial recognition, access to the building can be controlled, keeping staff and physical assets protected. Leveraging HVAC and lighting settings that automatically adjust according to real-time environmental data, will make offices healthier and help companies work toward sustainability goals. Similarly, by implementing intuitive ways for teams to collaborate in the office, adding voice control for meeting room booking, or for interacting with smart building features, companies can enhance efficiency and encourage workers back to the office.

While smart offices enable new opportunities, operational technology (OT) teams, and facilities teams typically lack the necessary expertise to protect against security vulnerabilities.

Added complexity and haphazard growth fuel security risks

IoT devices may have revolutionized the way office workers interact with technology in the workplace, but they have also increased the complexity of the IT estate and the risk of security breaches. Companies typically implement more than one vendor’s solution and each will likely have its own distinct management tool. That means a growing number of connected IoT devices, applications, and hardware are creating interoperability issues that only your IT teams have the expertise to manage.

More third-party endpoints mean more gateways for hackers. Buildings have been shut down in ransom attempts and there is a heavy price to pay. Target paid out $18.5 million after hackers accessed a billing platform via a third-party HVAC system. Will site services teams know how to ringfence financial systems so that this can’t happen? And what about the data protection of those who enter the building – particularly if facial recognition software is involved? Addressing security vulnerabilities of connected devices is typically outside the domain of these teams.

How to reduce risks

There are steps that can be taken to reduce the risks of operating a smart building and they begin with including IT in the decision-making process to leverage their experience and expertise in endpoint and security management. If you don’t know what endpoints are out there, how can your teams secure them? Replacing EoL systems and servers, patch management, and servicing are all critical to reduce security risks. If not addressed, then your teams will spend their time reacting to data breaches.

It is, therefore, vital to have a clear view of the IT estate. This could be done by putting in place regular meetings to understand smart building growth plans. But even if these meetings don’t peter out as attendees find they have other commitments, gaining information in this way is going to take time, ensuring your teams stay in reactive mode and data remains at risk.

There is a way, however, to take a more proactive approach to mitigating the security risks associated with smart offices, and that’s by implementing a digital platform conductor (DPC). A DPC leverages connectors to all your sources of endpoint data including IT and IOT management tools and automates data aggregation and normalization, to deliver a real-time end-to-end view of your estate including all interdependencies.

With this you can see where vulnerabilities are and how they can impact other endpoints allowing your teams to implement steps to protect them. Leveraging tool orchestration capabilities, a DPC will help here too, automating required workflows for OS updates, patching, migrations, and more to manage change. This will allow teams to seamlessly incorporate the management of IoT endpoints within your wider endpoint operations programs and protect data even as smart building functionality continues to grow and evolve.

 

Book a demo to find out how ReadyWorks can help your IT teams integrate smart building management and simplify all your endpoint operation activities.