Count your assets before they’re hacked

NIST cybersecurity framework for building automation and asset management
Why asset management should be your #1 priority today

There was a simpler time, not so long ago, when no one really had to worry about securing their operational technology (OT) devices; a time when you could enjoy all the benefits of connectivity and remote access, without the ‘muss and fuss’ of secure passwords or firewalls.

Those days are gone. As Fred Gordy so powerfully writes for FacilitiesNet, “Devices are now in the hacker’s crosshairs.” If that isn’t on your radar, you’re already behind.

I recently wrote about understanding cybersecurity in the context of building automation systems. Cybersecurity can seem overwhelming, but the National Institute of Standards and Technology (NIST) framework is a fantastic way to break down key security elements.

NIST cybersecurity framework Dell EMC
NIST cybersecurity framework, via Dell EMC

Of course, each piece in this framework is significant. They all contribute to a safer cybersecurity environment.

But there’s one that I really want to highlight for you: it’s identifying and tracking your assets.

Why asset management?

Asset management is one of the biggest tasks for cybersecurity. At the end of the day, you can set up all the passwords and firewalls and virus scanners you want. But if you don’t know what’s on your network, you can’t protect it. It’s as simple as that.

Yet so many people I talk to are at a total loss of how to manage their assets. They have out-of-date spreadsheets that no one’s in charge of maintaining. They don’t know how many devices are on their network. And they don’t know where to begin with creating a system to keep track of it all.

How should you start?

You’ll almost certainly go through some trial and error to find a workflow that suits your organization. It won’t happen overnight. The right system is really dependent on the size of your network, criticality of services, how closely the IT and OT departments work together, and so many other factors.  

As one example, Princeton University manages devices through a process to assign IP addresses. Anyone who wants to install a new device has to fill out a form and submit it to the central IT organization. This form specifies what the device is, where it will be located, and other pertinent details. From there the central IT organization assigns the IP address, sets up VLANs, and does whatever else is necessary to get the device up and running. Learn more about how Princeton manages devices and IP addresses.

That’s an excellent way to empower everyone to take part in managing assets, that doesn’t become a scattered array of spreadsheets and out-of-date lists. For your organization, it might look different. Maybe you have asset management software that everyone collaborates on, or a spreadsheet that one person owns. The important thing is to start developing an asset management process.

I know, asset management is a behemoth of a project. (That’s why so many people don’t do it!) Even so, getting a handle on your assets is worth it. Of course, asset management will help make your team more efficient: you can manage maintenance schedules and budgets, or find and troubleshoot devices much faster. But cybersecurity should be your biggest motivator to dust off your device lists.

I urge you to ask yourself: do you know about every piece of hardware and software on your network? Do you have an up-to-date record of all those assets? And do you know who has access to them, physically or remotely? If you can’t answer those questions, today’s the day to start changing that.

Originally published on Automated Buildings

Recent Blog Posts

May 26, 2020 Vancouver, BC – Optigo Networks is pleased to welcome Joel Schuster to the company’s board of directors.

Every March for the last few years at Optigo, we’ve taken a moment to celebrate women in tech and building automation.

Information Technology (IT) and Operational Technology (OT) are different in a lot of ways, from their design to their maintenance workflows and more.

It’s super important to have unique Device IDs on your BACnet system, but duplicates are a very common problem. Unfortunately, you might not even realize you have duplicate IDs, with devices only responding periodically.

Recent Projects

Data center expansion with OTI and Optigo Connect


Stack Infrastructure is a portfolio of hyperscale computing data centers. OTI completed work on Phases I and II, and returned for the Phase III build-out of a 4-megawatt data hall and brand new central plant. The Optigo Connect network put in place in Phases I and II was expanded on this project. The team achieved quick roll-out of a large, multi-service redundant network using the Optigo OneView management interface. Going forward, the facility management team can use OneView to remotely monitor equipment, manage power usage, and meet up-time goals.

Optigo Connect MR Soluciones The Landmark


The Landmark is a sophisticated mixed-use high-rise in Mexico. The owners wanted to integrate all OT systems in the skyscraper, while maintaining separate networks for each application. The Landmark is the fourth joint project between Optigo Networks and MR Soluciones. Together, these companies provide robust services to meet any challenge.

Australian Bureau of Statistics at 45 Benjamin Way with Delta Building Automation


Delta Building Automation (Australia) had a big job renovating the Headquarters for the Australian Bureau of Statistics (ABS) at 45 Benjamin Way. The building owner wanted to improve the building’s energy use and increase their National Australian Built Environment Rating System (NABERS) score to more than 4.5 stars, out of a possible total of six. Securing the network both internally and externally was a big priority, as well.

Penn State University Optigo Networks Visual BACnet


When Tom Walker looked at Penn State University’s Navy Yard network, he saw huge issues. The system was busy and loud, to the point where the overrun network was bringing down the entire building. Because this was happening on the MS/TP network, pinpointing the problem would mean boots on the ground to segment and test the chain, piece by piece.

Penn State University Optigo Networks Visual BACnet


When Tom Walker first started working at Penn State University four years ago, there were a lot of network issues. Buildings were dropping offline. Broadcast traffic was pushing 90,000 packets per hour. Walker was on the phone almost every single night because devices were down or had to be reset.


Torre Manacar Mexico City Optigo Connect


When MR Soluciones began work on Torre Manacar, they knew they needed a flexible and scalable network infrastructure to support a wide array of integrated systems. Optigo Networks was a natural fit for the massive project, designing a robust network at a competitive cost.



Short Pump Town Center, an upscale retail center, underwent a complete renovation in 2014. The flexibility of Optigo Networks’ solution meant the retail center’s unknown final design was not a barrier to placing IP surveillance equipment in the field.



Optigo Networks connected New York-based Boulevard Mall’s security surveillance devices in December 2015, using a Passive Daisy Chain topology.

Visual BACnet tech support team


One tech support team at a manufacturer purchased an account with Visual BACnet in April 2017, for technical problems around the world.

Aster Conservatory Green Optigo Connect


The Aster Conservatory Green is a community comprising 352 residences across 24 low-rise buildings. The buildings use advanced surveillance and access control technology, including 40 HD video cameras and 60 FOB-access-tele-entry points for access control.