Solutions
More
Back to studies

Digitizing a building reduces risk by filling building knowledge gaps

The Issue

The Bractlet Gateway(TM) integrates with existing Building Automation Systems (BAS). In order to communicate with these systems, the Bractlet Gateway needs to be installed on the same network. The building’s IT group installed the device on what they thought was the BAS network, but they weren’t able to find our device when trying to “discover” it on the network. What they found was an additional subnet (similar to daisy chaining routers together) they did not know existed; highlighting a severe security vulnerability and high level of operational risk.

Digitizing a building reduces risk by filling building knowledge gaps
UNKNOWN NETWORKS IDENTIFIED

2

CONTRACTORS CONSOLIDATED

2

LEVEL OF RISK MITIGATED

HIGH

DEVICES IDENTIFIED ON UNKNOWN NETWORKS

304

What Did We Do

As part of integration technology on the Bractlet Gateway, detailed network reports were automatically created to list identified devices on the network. When risk-areas are identified, vendors typically resort to “finger-pointing” and enter “hot potato” mode, rather than trying to resolve the issue. However, by providing reports that clearly showed what was happening inside the network and providing constant pressure, Bractlet streamlined communication between the IT team and BAS contractor to consolidate their knowledge and reduce the gaps.

Digitizing Building Reduces Risk

Results

The IT firm discovered two IP subnets that they did not know existed, and now both the IT firm and BAS contractors are aligned in their understanding of the BAS network. The fact that IT lacked awareness of the full scope of the networks they control presented a security vulnerability that could have been catastrophic if something on those networks ever experienced an outage.

Bractlet brought the right knowledge and tools to the table to reveal this security vulnerability. The integration process requires rudimentary familiarity and understanding of the in-building network architecture and, in turn, network security. When this base-level of understanding does not exist, Bractlet’s technology and process fills in the gaps and helps ensure best practices around security are being followed by IT firms and BAS contractors servicing the building.

02

UNKNOWN NETWORKS IDENTIFIED

HIGH

LEVEL OF RISK MITIGATED

304

DEVICES IDENTIFIED ON UNKNOWN NETWORKS