Facility Managers are Critical Factors for Cybersecurity
With cyber threats rising daily, facility managers must know what role they play and approaches they have in cybersecurity. October 5, 2023
By Jeff Wardon, Jr., Assistant Editor
Cybersecurity Awareness Month was started in 2004 by the President of the United States and Congress. Since then, every October has been a time for both private and public sectors to collaborate and draw attention to the issue of cybersecurity.
In the information age, the data contained within a facility’s complex information systems have a high value placed on them. Many outside parties, such as hackers and other cybercriminals, want access to that information so they can sell it off. For facilities management, this means keeping these systems and sensitive data secured.
To do so, Cybersecurity and Infrastructure Security Agency (CISA) recommends the following four steps that everyone, including facilities managers, can take:
- Use strong passwords that are long, random and unique to each account, and use a password manager to generate them and to save them.
- Turn on multifactor authentication on all accounts that offer it.
- Recognize and report phishing, as CISA likes to say, think before you click. Be cautious of unsolicited emails or texts or calls asking you for personal information, and do not click on links or open attachments from unknown sources.
- Update software and enable automatic updates on software so the latest security patches keep devices we are connected to continuously up to date.
“As cyber threats become more sophisticated, individuals and families, small and medium businesses, and large companies all have an important role to play to in keeping our digital world safe and secure,” says Jen Easterly, CISA director in a news release.
Another measure facility managers can adopt is called “zero trust.” Essentially, zero trust treats anyone who wishes to access an organization’s resources as untrustworthy from the start. These individuals are then required to go through and pass a series of checks, like multifactor authentication, before they can obtain access.
“For instance, the one that we use does not allow anything to leave the physical site of the client, even for assessment as to its first veracity and second security,” Charlie Regan, chief executive officer at Nerds On Site, once told Healthcare Facilities Today. “All the major players send information up to the cloud to a central clearance depot. Now with the journey to the cloud, there is a potential breach at the cloud, and then on the way back. What we use does not send anything away to be assessed. It is always done on site in the server and network environment of the client.”
Zero trust is but one of several methods out there for facilities to take note of for their cybersecurity strategies. There are many different approaches available that organizations and facilities management can take to defend their information systems and sensitive data.
In addition, facility managers play a large role in maintaining cybersecurity for their organizations. Regan says that the role facilities management plays in maintaining the cybersecurity infrastructure is a 24/7 job. Also, information and data are continually exchanged, with most of it even flying under the radar of organizations.
With that reality comes something Regan refers to as data drip, which is when “cyber bots” breach systems to assess the value of data and bring that data out of an organization’s system. He adds that facility managers must keep an ever-watchful eye on data drip and even track down where it goes, such as foreign countries or organizations.
Facilities management has an around-the-clock responsibility to keep tabs on their organization’s data. However, they also have a myriad of options available to them to approach this responsibility. Careful consideration and collaboration on facility managers’ part are critical to cybersecurity.
Jeff Wardon, Jr. is the assistant editor for the facilities market.
Next
Read next on FacilitiesNet