{"id":4286,"date":"2014-03-23T22:31:03","date_gmt":"2014-03-24T02:31:03","guid":{"rendered":"http:\/\/www.airtight.co\/?p=4286"},"modified":"2014-03-23T22:31:03","modified_gmt":"2014-03-24T02:31:03","slug":"interview-with-angela-harris-of-the-achr-news-magazine-jack-floyd-airtight-energy-automation-specialist","status":"publish","type":"post","link":"http:\/\/www.gregcrumpton.com\/blog\/interview-with-angela-harris-of-the-achr-news-magazine-jack-floyd-airtight-energy-automation-specialist\/","title":{"rendered":"Interview with Angela Harris of the ACHR News Magazine & Jack Floyd AirTight Energy & Automation Specialist."},"content":{"rendered":"
Questions by industry journalist Angela Harris<\/span>\u00a0of the ACHR News Magazine:<\/span><\/h6>\n

Answered by AirTight Controls & Automation Specialist Jack Floyd<\/em><\/strong><\/p>\n

\"angela_h\"<\/a><\/p>\n

What can HVAC contractors do to help avoid security data breeches in their internal and customer communicating systems?<\/strong><\/em><\/span><\/p>\n

 <\/p>\n

\"jack_f\"<\/a>As always education is key: If you are working with control systems that are attached to your personal, company or especially your customer’s networks, you should know a good deal about networking. \u00a0Not to say “be an expert”, but understand the fundamentals of networking and their importance to information, therefore securing the information. \u00a0Understanding how the overall system works will allow you to be smart in your installations with best practices such as: changing default passwords that are printed and public knowledge. \u00a0Using secure encryption to transmit data and critical information. \u00a0Allowing push notifications for data that is sent to cloud based systems opposed to polling the data from an external network. \u00a0There are many more, but these few are commonly broken because the average HVAC and\/or Controls technician is not educated on Networking and literally being unaware of hackers using a building automation system to obtain valuable data. \u00a0Most controls manufacturers default settings are for minimal security at best, however, you can read the literature and educate yourself, your people, your company and maybe even your customer. \u00a0You will find that many of them, the OEM’s, have documentation on how to properly set up their products for different types of applications and security levels that will fit your customer’s needs.<\/p>\n

\"angela_h\"<\/a><\/p>\n

What actions would you suggest to an HVAC contractor faced with the situation that Fazio Mechanical has been faced with?<\/strong><\/em><\/span><\/p>\n

 <\/p>\n

\"jack_f\"<\/a>This is a tough position to be in as the reason for the original credentials that were hacked could have been stolen in so many different ways. \u00a0It could have been stolen off of a technicians home computer used to access the Target remote network, it could have been that a technician left a log-in open after finishing work remotely that was picked up and taken over while there was still an open connection to the outside world or it could have been a weak security connection depending on what Target is using for access to its vendors that is easily attacked. \u00a0The bottom line still goes back to education and creating best practices to prevent incidents like this from occurring. \u00a0If I were in a similar position that Fazio Mechanical finds itself in, I would find out all of the information prior to making any statements of the events (which they have done), start educating my employees immediately with relevant information and best practices from local experts and research the interface that Target provided to see what type of security breaches have occurred previously with other locations or customers. \u00a0Ultimately the responsibility falls with the Target Network Administrator to set up and protect their internal network. \u00a0That is what a Network Administrator gets paid to do. \u00a0However, at AirTight our first best practice is to not be a “Vendor” but a partner, which means doing what’s best for our customers and educating them as we go. \u00a0\u00a0General network knowledge and best practices at the technician level may have prevented this issue.<\/p>\n

 <\/p>\n

Angela D. Harris is an\u00a0eMedia Development Specialist with\u00a0The Air Conditioning, Heating and Refrigeration NEWS<\/a>.\u00a0The Air Conditioning, Heating and Refrigeration NEWS\u00a0is the HVACR contractor\u2019s weekly newsmagazine and is the industry\u2019s most trusted and utilized direct communications link to the HVACR buyer. The NEWS assists the decision-makers from all branches of the air conditioning, heating, and refrigeration industry (residential, commercial, and industrial). In addition to contractors, these include manufacturers, distributors, parts and supply wholesalers, and service companies and their administrative, sales, engineering, production, and installation departments. With the latest information printed each week and 24\/7 information on the web, The NEWS will educate you on a variety of different topics throughout the year.<\/span><\/em><\/span><\/p>\n

Watch AirTight Tv<\/a><\/h6>\n
Education is Key, Register for your free class today…\u00a0AirTight University<\/a><\/h6>\n","protected":false},"excerpt":{"rendered":"

Questions by industry journalist Angela Harris\u00a0of the ACHR News Magazine: Answered by AirTight Controls & Automation Specialist Jack Floyd What can HVAC contractors do to help avoid security data breeches in their internal and customer communicating systems?   As always education is key: If you are working with control systems that are attached to your […]<\/p>\n","protected":false},"author":4,"featured_media":2217,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,2,4],"tags":[],"class_list":["post-4286","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-frontpage-news","category-blog","category-news-partner"],"_links":{"self":[{"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/posts\/4286"}],"collection":[{"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/comments?post=4286"}],"version-history":[{"count":0,"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/posts\/4286\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/"}],"wp:attachment":[{"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/media?parent=4286"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/categories?post=4286"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.gregcrumpton.com\/blog\/wp-json\/wp\/v2\/tags?post=4286"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}