The News Room The News Room The News Room
Security solutions Nov 09, 2022

Protecting your building starts with OT security

You already take steps to protect your building—locking doors, monitoring access, and securing IT networks. But one critical system often gets overlooked: your operational technology (OT). These are the systems behind the scenes—your HVAC, lighting, access control, and more—that keep people comfortable and your facility running.

These systems are managed by your building automation system, which uses sensors and microprocessors to constantly monitor and adjust conditions. And because building automation system platforms process and store data—and often connect to your IT network—they’re vulnerable to the same cyber threats as your computers and servers.

But unlike IT systems, OT systems directly impact the physical world. A cyberattack on OT can lead to real-world consequences: tenant discomfort, equipment damage, downtime, and even safety risks. That’s why OT cybersecurity is no longer optional. It’s a must-have for protecting your people, property, and operations.


Where to start: Simple steps, big impact

You don’t need to overhaul your entire system to improve OT security. Even a few targeted actions can dramatically reduce risk.


1. Bring in the right expertise.

Start by working with a qualified vendor—ideally one backed by the system manufacturer—who understands OT security. Ask about their experience with system hardening (reducing vulnerabilities) and make cybersecurity a priority from the design phase onward.

2. Design with security in mind.

Security should be built in, not added later. Here’s how:

  • Segment your networks: Keep IT and OT on separate network zones, each with its own access and security controls.
  • Plan for continuity: Work with your vendor and IT team to develop an incident response and recovery plan. Know how to isolate OT systems if needed.
  • Assign accountability: Clearly identify who is responsible for OT cybersecurity, and ensure they’re working closely with your IT team.
i

Key questions to ask during design

  • How will we keep systems patched and up to date?
  • What’s our plan if there’s a network disruption or cyberattack?
  • How often are backups made, and where are they stored?

3. Secure every deployment

Before you go live:

  • Patch all devices with the latest firmware.
  • Isolate new equipment from your production network until it’s fully configured and tested.
  • Disable or tightly control technologies like mobile access, Bluetooth, Wi-Fi, and cloud services.
  • Review all configurations with your vendor before deployment.

4. Control who has access

User access is one of the easiest ways to secure (or compromise) your system.

  • Give each person a unique logon—no shared accounts.
  • Disable default or public accounts immediately.
  • Limit admin rights to only those who absolutely need them.
  • Set up role-based access, and apply the “least privilege” principle: start with no access and grant only what’s necessary.

Don’t forget password hygiene. Complex, frequent-change requirements often backfire. Choose strong, memorable passwords and train staff on safe practices.

5. Operate with awareness

Once the system is running, stay proactive:

  • Maintain an updated inventory of all OT devices.
  • Regularly audit user accounts and disable any that aren’t needed.
  • Remove access immediately when someone leaves the organization.
  • Train your team to spot suspicious activity and understand their role in keeping systems secure.




Bottom line

Your building’s critical systems, such as HVAC, lighting, security, and energy management, are all part of your OT environment. If they’re connected to a network, they’re vulnerable. But securing them doesn’t have to be overwhelming.

With smart planning, strong vendor support, and a few practical policies, you can dramatically reduce risk and ensure your building stays safe, efficient, and operational—no matter what.

Reliable Controls can help

We design building automation solutions with security at the core. From secure hardware and software to trusted dealer support and OT system hardening expertise, we help facility professionals like you take control of your building’s cybersecurity, without compromising performance or comfort.

Let’s make your building smarter and more secure.



Related Articles
More From the Resource

Secure manufacturing facilities with RC-Passport

Flexible security solutions that also reduce energy consumption.

President’s message: BACnet growth

Reliable Controls president Tom Zaban reflects on 30 years of the BACnet protocol.

Building automation control loops: The theory

Learn the basics of one of the most essential concepts in building automation: controlling outputs with control loops.

Cultivating confidence in building automation

RC-RemoteAccess is now BTL certified. Why does this matter for building owners?

Why use MS/TP communications in building automation systems?

Learn when and why MS/TP communication is helpful in building automation systems.

How building automation impacts health, efficiency, and indoor air quality in hospitals

How does building automation ensure hospitals are safe, secure, comfortable environments for everyone?

System Mart and Reliable Controls: 15 years of purposeful partnership

System Mart doesn’t just implement Reliable Controls solutions. It embodies our values of reliability, trust, and long-term commitment. Learn more.

Welcoming Ameresco in Chicago and Central Florida as Reliable Controls Authorized Dealers

With Ameresco in Chicago and Central Florida joining our dealer network, we’re expanding our ability to deliver simple, flexible, sustainable solutions to customers in Illinois and Florida.