Designing for a Resilient Future

In a time of Zero Trust, why do we still trust most?

The line between digital and physical environments has blurred. Connected cities and integrated systems enable us to create open and secure spaces, improve the flow of traffic and people, and deliver more sustainable solutions. Simultaneously, transformative technological advancements segue into rapidly evolving threat landscapes with revolutionized means of attack, during a period of rapidly changing compliance regulations and requirements.

In 2017, the average cost of a data breach in Canada was $6.1 million. This number is expected to grow over the coming years with the introduction of Canada’s mandatory reporting of breaches of security safeguards. Organizations are now obligated to report breaches that pose a Real Risk of Significant Harm (RROSH) to an individual. Pervasive as these new means of attack may be, we are presented with the opportunity to consider – what if we designed solutions with both data resiliency and future adaptability, as key indicators of success?

img-Designing a Resilient Future

To achieve this, technology, security and digital infrastructure must be treated with the same value and importance as traditional infrastructure. New and modernized buildings contain more IoT (Internet-of-Things) devices than ever before, with connected endpoints totalling in the billions. Each device, data source and connected element presents an opportunity by which networks can be penetrated. To reduce anticipated points of failure, substantial consideration must, therefore, be given to the operational integrity of building and city frameworks, and the systems they house.

Zero Trust is an information security framework adopted by the industry as the best way to prevent a data breach. This concept abstains from automatically trusting any device, individual or token, inside or outside the perimeter, until the source has been verified and validated. Despite enterprise adoption of Zero Trust, mindset towards this robust concept seemingly ends at the boundary of the digital environment, with physical parameters and convergence across disparate systems lagging. Humans add noteworthy paradigm to risk, from holding doors open for presumed colleagues, perceived contractors or guests, to freely connecting electronic devices to public wi-fi and forums. Once a nefarious individual has gained physical access to a secured area, impact intensifies.

When designing for best-in-class resiliency, all building systems play a role in holistic enterprise integrity. A system is only as strong as its weakest link. If any of the coexisting Building Automation (BAS), Electrical, Lighting, Logical, HR, Sales & Marketing, Security, or other SMART IoT systems lack in necessary protocols to support compatible integration, compliance or best practices, the organization and assets it safeguards become jeopardized.

Before commencing a conceptual design, it is crucial we sit with the client in conversation about how they envision their investment operationally. This allows us the best upfront understanding of the desired intent of the building’s performance, connected peripherals and degree of integration. This information also allows us to lower the overall risk profile by analyzing varying risks, supporting proactive mitigation, and strengthening the design’s integrity.

Comprehensive end-to-end assessments with cyclical analysis are proven to lower capital and ongoing operational costs. From a camera on the ceiling, temperature sensor, or a boardroom’s public USB hub, to the credential in an employee’s hand or outdatedpaper visitor logbook; we understand systems have many end-points. A specialized Technology Advisor will extend benefits beyond short-term capital projects to deliver improved interoperability, reliability and increased longevity of all systems.

With clients at the heart of everything we do, it is vital to work closely in developing a clear understanding of expectations for everything from aesthetics to core system functionality, bearing in mind inputs from the buildings’ or cities’ countless sensors will ultimately be used to make authentication decisions. Only through blending and synthesizing the information we gain about the building and its occupants; will Big Data be of Big Use.

More on this subject