Return to March 2021 update
The volume of discussion about this category decreased 13% in March since December (from 3.8% in December to 3.3% in March). The peak of the discussion was over summer ’20 when the community realized the pandemic will last longer than a few months. Building operations continue to play crucial role in strategies to return occupants safely in workspaces and creating healthier buildings by leveraging buildings to migrate viral transmission, building trust in workplace, addressing mental health within residential setting, etc. The volume of discussions about strategic HVAC options for commercial buildings and alternatives to comply with various guidelines (such as CDC guidance, new ASHRAE and RESET® standards and other experts), has decreased to a certain level in March. The alternative HVAC solutions for using less energy will remain important discussion topics in the future as sustainable green buildings are again becoming a “hot” topic, given that listed companies are now subject to Environmental, Social and Governance (ESG) reporting obligations. Five leading real estate occupier trends include: 1) talent (employee engagement surveys); 2) transformation (ESG: understanding, compliance & reporting); 3) trust (increased demand for flexibility & agility); 4) technology (digital transformation); 5) teams (hybrid workplace & new portfolio occupancy planning models). Leading edge of technology, integration and connectivity is required.  Passive thermal comfort strategies in residential buildings are getting attention. 
Focus of discussion shifted to cybersecurity in smart buildings given the continuous daily news about cyberattacks. For example, at the beginning of March hackers have breached thousands of security cameras, exposing Tesla, jails and hospitals – intending to show the pervasiveness of video surveillance and the ease with which systems could be broken into.  Best practices for developing sound strategies for securing building infrastructure, as well as building operations including mobile work forces are discussed. Most common vulnerabilities in buildings include a) flat networks (few or no VLans, openness to PMO or corporate network, allowance of cross-VLan traffic); b)remote access (vulnerable 3rd party apps (like Teamviewer, RDP open to the internet, and IAM not in place); and c) shared logins (for engineers, vendors, and constant logged in allowance); d) patching (unpatched BMS, outdated firmware); e) unmanaged switches (consumer grade network equipment); and f) MFA (not configured or if configured not enforced). A “Zero trust” network is the answer. It reduces attack surface by 95% while reducing cost and complexity by 50 – 80%. It includes a) identity – based policies; b) micro-segmentation; c) encrypted overlay network tunnel; d) centralized management and orchestration; and e) greater security against insider threats and malware propagation. BAS cyber best practices and lessons learned: a) take inventory (know your OT SW/HW assets, know what versions are running on your assets, and proactively monitor and protect); b) make cyber defense a shared IT/OT endeavor and a reason to actively partner; and c) beware of the human component (consider behavior in your chain of defense).
(More information about building operation strategies for safe and healthy workplaces including HVAC enhancements can be found in the previous reports, e.g., in the December report.)