Cyberattacks: Are You Doing Enough to Protect Your Construction Site?
Security has long been an issue on construction sites. High-value materials, tools and machinery are a magnet for criminals and UK Construction Media estimates that theft and vandalism cost the UK construction industry more than £800 million in 2017.
As builders constantly look for ways to tighten security and keep their assets safe, in recent years a potentially more serious threat has appeared on the horizon: cyberattacks.
Cybercrime affects all businesses, but the nature of construction makes this sector especially vulnerable. Construction sites are, by definition temporary, and workers connect to critical business systems on their own laptops, tablets and mobiles, where security is less stringent than in a permanent office. Professionals across many different disciplines work on construction projects which means that sensitive information, from building plans to financial and employee data, are widely shared outside the company.
Cyber threats come in many different guises, including viruses, ransoms – where criminals lock critical data and demand a ransom to release it – and infiltrating passwords to gain access to sensitive data. In every case it can seriously disrupt the business.
So, what can be done?
There are basic safety measures that companies can take which make site offices more secure, such as ensuring that the hard disc is destroyed before a redundant device is discarded and educating everyone on site of the dangers of cybercrime.
In a digital world it is not uncommon for Construction sites’ Wi-Fi passwords to be shared with not only staff but also subcontractors and customers visiting show homes. It’s worth setting up a guest Wi-Fi network for anyone who should not have access to the corporate network.
Installing a CCTV camera in your site office can reduce the chance of a criminal attack and provides other benefits such as lone worker protection and in the worst case, evidence, if a crime is committed. But, it’s important to ensure the CCTV itself is protected from cyber-attacks; adhere to strong passwords policies and buy from a reliable source – good quality firms should be accredited to the National Security Inspectorate. It’s also important to get full training of any digital security service and ensure only private Wi-Fi connections are used to remotely access the system.
A group wide solution
Depending on circumstances, it’s not unusual for regions and sites across the UK to start looking for their own connectivity solutions. This is can be due to the pressure of getting a site live and ready for launch or the frustrations faced when ordering a fixed line solution. If individual business units do make the decision to go it alone, some key checks must be made. Is the solution scalable? Could this temporary solution be used on other sites also? Is the solution secure? ‘Secure’ doesn’t just mean a simple Wi-Fi password; is the solution enterprise grade and will it work with other applications on site? It’s important to involve the company’s IT team in the procurement of their connectivity solutions, otherwise it can be difficult to provide the proper security support.
UK Connect plays an important part in protecting sites from cyberattacks. PJ Farr, founder and managing director at UK Connect, comments:
“Security is always at the forefront of our minds. When we install broadband on site through our Site Connect service, we take every possible measure to ensure that the connection is private and secure. 100 per cent security can never be guaranteed, but if there is an incident, we can respond immediately with back-up services and emergency connectivity to minimise any damage and keep operations running smoothly.”