Sara Hampf

Go to support page

Learn how to set up MFA for your Kiona account

Product Marketing

sara-adolfsson-hampf

Sara-Adolfsson-Hampf

Build your knowledge in building management. On our blog, you will find content on building management suitable for newcomers and tech-savvy partners. Find blog posts, use cases and videos on everything from technical systems integration, HMI and SCADA solutions, alarm monitoring, zone control, lighting, heating, ventilation and air quality. Just as relevant for commercial buildings, public works and industrial buildings as for housing cooperatives or multi-residential properties.

Building Management

field_62613e1328887

acf/block-article-link

Explore our products and solutions for building management

<p>With the rise of Proptech, buildings are becoming increasingly interconnected through networks and IoT devices – and generate vast quantities of data. While this data can improve facility operations and efficiency, it also introduces big security risks if not properly safeguarded.</p>



<p>Consider the following scenario: Unauthorized individuals have managed to gain initial access to a system and gradually escalated their privileges through careful maneuvering, thus obtaining increasingly broader access to systems and sensitive data.</p>



<h2 class="wp-block-heading" id="h-why-is-cybersecurity-a-question-for-buildings">Why is cybersecurity a question for buildings?</h2>



<p>Every organization today stores sensitive data in some form or another. Smart buildings require building owners to understand the organization's data security needs as operations move to the cloud. Building systems are also collecting and storing more data than before – becoming even more attractive to attackers.</p>



<p>"It goes beyond the mere loss of data or the immediate financial impact of mitigating or containing an attack. The true reality is far more complex, and every organization must recognize the combined risks associated with reputational damage. Such damage can not only jeopardize new contract opportunities but also impact existing contractual agreements," says John-Helge Gantz, Information Security Manager at Kiona.</p>



<p>"Moreover, the consequences of non-compliance with or breaches of data protection regulations can have a profound and lasting impact on the overall financial sustainability of an organization."</p>





<p>Therefore, building owners need control over who can access data and how it is stored and protected by, for instance, third parties.</p>



<h2 class="wp-block-heading" id="h-local-installation-or-cloud-solution">Local installation or cloud solution?</h2>



<p>One common question when it comes to data security in buildings is whether it is better to use a local installation or a cloud-based solution. The truth is that there is no one-size-fits-all answer to this question. Both options have pros and cons, and the security of each will depend on how well they are configured and maintained.</p>



<p>To compare the two, you have to work on the assumption that you have a local installation that is perfectly configured and a cloud solution that is perfectly configured. In that case, there is no big difference in basic security. It all comes down to how you handle moving from only managing technical equipment to taking on the IT role.</p>



<h2 class="wp-block-heading" id="h-how-can-you-work-with-security-in-your-facility">How can you work with security in your facility?</h2>



<p>With more than 55 000 buildings connected, we generate several billion data points every day, so it's safe to say cyber security is vital to us.</p>





<p>Implementing access control, using strong encryption to protect data, regularly updating software (and patching vulnerabilities), and training employees on best practices for data security, are some of the efforts you should pay attention to at your end.</p>



<h3 class="wp-block-heading" id="h-no-solution-is-more-secure-than-the-weakest-link">No solution is more secure than the weakest link</h3>



<p>And the weakest link is typically us humans. That's why it's essential to keep access control in mind. This will help ensure that only authorized personnel have access to your building's data and that a breach doesn't come from one of your passwords being found in a leak. To keep the bad guys out – you need a password strategy.</p>



<p>By implementing Multi-Factor Authentication (MFA), you add an additional layer of security. This reduces the system's likelihood of breaches based on human interactions, emotions, and blind trust.</p>



<figure class="wp-block-image size-large"><img src="https://kiona.com/app/uploads/2023/05/John-Helge-office-AI-generated-1024x611.jpg" alt="AI generated photo of office in a building" class="wp-image-38855"/><figcaption class="wp-element-caption">A picture is worth a thousand words, but with new tools, you can't be sure that what you see is the truth. The office in the background is entirely generated by AI. The flowers on the desk never existed. In the red shirt, John-Helge is real and works daily with security issues at Kiona.</figcaption></figure>



<h3 class="wp-block-heading" id="h-data-processing-agreements-dpa">Data processing agreements (DPA)</h3>





<p>The <a href="https://gdpr.eu/what-is-gdpr/" target="_blank" rel="noreferrer noopener">General Data Protection Regulation (GDPR)</a> in Europe, the California Consumer Privacy Act (CCPA), and other regulations have increased the focus on protecting personal data. And as a building owner who shares data with others, the division of responsibilities must be clear.</p>



<p>With a Data Processing Agreement based on the GDPR regulations, you have a secure starting point for an agreement with a supplier and a good knowledge of how data is handled.</p>



<p>A DPA establishes clear guidelines for a supplier's handling, storage, and data processing. It ensures that each party understands its responsibilities for data protection and implements security measures to prevent loss or misuse of data.</p>



<h3 class="wp-block-heading" id="h-minimize-risk-with-regular-updates">Minimize risk with regular updates</h3>



<p>Finally, it's important to keep your software up to date. Software updates often include patches for security vulnerabilities, so by keeping your software up to date, you can make sure that your building's data is as safe as possible.</p>



<p>Remember to stay aware of your exposure and attack surfaces. When you minimize the organization's exposure, you also decrease the threats and risks it faces.</p>

The building as a data source

How does Multi-Factor Authentication (MFA) work?

<p>Estimates show that a cyberattack happens every 44 seconds throughout the day. That is a scary figure, and of course, the impact of an attack can be massive for companies, regardless of their size. The cost of a cyberattack on your company/organization will be extremely high, not to mention the time and effort it takes to recover from an attack. It may also lead to a loss of the trust your customers have in you. In the end, it's not worth it.</p>



<p>Most businesses have online systems that allow users to log on to do their shopping and banking, get the status of their building electricity use, etc. Usernames and passwords are essential, but on their own, they can be vulnerable and stolen by third parties or used in cyberattacks.</p>



<p>You might not even know that your data has been compromised as it is stored in a third-party solution that just got hacked.</p>





<h2 class="wp-block-heading" id="h-how-does-multi-factor-authentication-mfa-work">How does Multi-Factor Authentication (MFA) work?</h2>



<p>MFA asks the user to identify themselves by more than a username and password when logging on to a new smartphone, online account, or VPN. The most common way is with one-time passwords. These are 4–8-digit codes that you receive via e-mail, SMS, or a mobile app.</p>



<p>MFA reduces the risk of a successful cyberattack and helps companies and individuals to protect their information.</p>



<figure class="wp-block-image size-large"><img src="https://kiona.com/app/uploads/2023/06/News-ticker-MFA-authenticationEN-1024x512.png" alt="Multi-factor authentication (MFA) at Kiona"/></figure>



<p>Consider MFA like a thumbprint or physical hardware key that can give you confidence that your organization will stay safe from cybercriminals.</p>



<p>By introducing MFA – Multi-Factor Authentication, you add an additional layer of security to protect your company.</p>



<p>At Kiona, security is highly important, and <a href="https://kiona.com/story/blog/simplified-login-and-strengthened-security-sso">MFA is integrated into all our solutions</a>, making your decision to invest in our platforms safe.</p>

Add an additional layer of security by introducing MFA - Multi-Factor Authentication