Articles

Save Time by Improving Security

A young female facilities manager smiles at her computer in a brightly lit office

Cybersecurity is not usually something facilities managers get excited about. With the hundreds of jobs FM teams deal with every day, it’s no surprise that worrying about how and where data is stored slides down the priority list.  

The ever-present threat of a data breach bearing expensive consequences is something IT teams work tirelessly to mitigate. But for most of us, it is just an obligation we wish we could avoid.

But what if there was a secret side to security, that didn’t just satisfy the needs of IT, but also directly benefitted the FM team?

By embracing the three pillars of security, you can start to see a real return on your efforts.

The three pillars of cybersecurity

As threats and risks of data breaches evolve over time, it is important for organisations to adopt a layered approach to security. This approach facilitates a more comprehensive security posture for organisations.

There is no silver bullet that absolves all security risks for an organisation, and thus, the three pillars of people, process, and technology become the best defence.

People

Human error in 2021, was responsible for 41% of all notifiable data breaches. From clicking on links, to passwords that are just “password”, the scope for human error in security is huge.

Fortifying the people pillar is all about educating, training, and supporting your team to stay one step ahead of malicious actors.

Fundamentally, this education, training, and support, is about making the right information available and accessible. If we apply this concept to facilities management, we can create efficiencies in processes.

Say for example, you have a new team member onboard, and you’re tight on time to train them in your FM system. Without training, letting them loose in the system with endless permissions could be disastrous for your data.

While giant physical manuals used to exist, the information stored in these is not readily available. From an accessibility perspective, even if the team member is able to hunt down related information, it may be out of date or difficult to understand without context.  

For the education, or “people” pillar to be used effectively, accurate information needs to be readily available and digestible.

What if there was an easy to use, online resource available for that team member? The platform itself might be able to provide training to new team members, completely alleviating the need for you to sit with that team member for days and train them.

In this example, the risks to the data posed by human error can be significantly mitigated. From a security perspective, the box is ticked, and you’ve recovered hours that would otherwise have been spent conducting training.

Process

The “process” pillar will come as no surprise to those engaging in asset management. From a security perspective, process is all about improving data governance.

While this might sound like more work at first glance, similar to asset management, data governance is about putting processes in place to save you time down the line. It is about ensuring the right people, have the right information, at the right time.

For example, from a cybersecurity perspective, this might be about how quickly IT is notified when a breach has occurred; and detailing the steps to take in the event of a breach.

Extending this to facilities management creates time-saving opportunities, and better adherence to regulatory requirements.

For example, say each month you are required to provide receipts to the finance team for any outgoing costs. Previously, this might have necessitated trawling through a bag of paper receipts, scanning each of them and then attaching in an email to finance.

To improve processes, and data governance, in this area, you might adopt software that allows you to simply take a photo of receipts on your phone as you get them and upload instantly to the platform.

Not only is the security risk of loss and destruction of this data significantly mitigated, those tedious hours can now be re-allocated to more meaningful FM work.

Technology

As with many areas of modern life, there are technologies that exist to improve your security.

While your IT team will likely be in charge of installing your anti-virus, there are steps you can take as an FM team to improve security. Ensuring you are always on the latest update and leveraging cloud software with built-in security, is a great place to start.

While on-premise software has a heavy reliance on IT to perform upgrades, cloud based platforms upgrade automatically. By allowing automatic updates, you ensure you are protected from emerging threats, while recovering the time otherwise spent on what may be a lengthy negotiation with IT.

The next layer to the technology pillar, is again related to data governance.

Most organisations are using some form of facilities management software. Within these platforms, there’s multiple users, and multiple user types.

Depending on the size of the organisation, you might be frequently adding users to the platform. On top of this, existing users all have to be able to log in securely, without creating a security risk by using their name as their password.

Staying on top of who has access to the platform, what their permissions in the platform are, and ensuring their login is secure, can be a time-consuming task if done manually.

Fortunately, technologies such as SSO and MFA help facilities teams make light of what can otherwise be an onerous IT requirement.

By using SSO, time that would otherwise be spent negotiating with IT to create new users is negated, giving control back to the FM team. Additionally, SSO allows organisations to ensure logins occur securely, and remove the need to remember multiple passwords for multiple platforms.