Isolation
Designing the BAS as a stand-alone entity that is separated from other business systems, isolated from the internet, and protected from unauthorized physical access.
Best practices, built into our solutions.
Every day, new cyber threats emerge around the world. Although most businesses are quick to devote resources to IT cybersecurity, connected building automation systems often go under-protected or even overlooked altogether. Yet, they are increasingly a target of cyber attacks. The fact is, with the convenience of network-connectivity and remote access come inevitable security threats
At Trane, we help protect you in the following ways:
BAS industry experts have addressed these common questions and concerns. The good news: There are some very practical best practices for designing, installing, and maintaining secure BAS systems.
Designing the BAS as a stand-alone entity that is separated from other business systems, isolated from the internet, and protected from unauthorized physical access.
Formalizing processes that provide secure on-site and remote access for employees and service providers.
Establishing (and sticking to) set protocols and maintaining a regular schedule of system and software maintenance to maintain security over the long term.
At Trane, we take cyber threats very seriously by integrating cybersecurity best practices into our entire line-up of building automation systems. Our controls are designed to proactively provide protection against incidents using tools such as encryption, multiple layers of access control and authentication to protect your data. Read below to learn more about some of the compliance standards we have met and certifications our products have earned:
SOC2 Compliance is a 3rd party compliance audit focused on client data security. Trane products (Tracer® SC+, Symbio® 800, Tracer® TU, Tracer® Ensemble®, Trane Intelligence Services®, Trane® Connect®) are SOC2 Compliant. The report describes the Trane controls environment and external audit of Trane controls that meet the AICPA Trust Services Security Criteria.
Learn moreAll Trane controls devices are BTL certified. This means that all the BACnet™ functionality provided in the device has been tested by an independent laboratory and has passed the set of standardized tests.
Learn moreThe Texas Risk and Authorization Management Program (TX-RAMP) is a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process the data of a state agency. Trane’s cloud offerings (Tracer® Ensemble®, Trane® Connect® and Trane Intelligent Services®) are TX-RAMP certified.
Learn moreTrane delivers industry-leading products and solutions that can be deployed securely. Each brings out-of-the-box simplicity to complex cybersecurity features while streamlining installation, onboarding and maintenance.
Trane Secure Remote Connection seamlessly co-exists with existing infrastructure, so there's no need to create a firewall opening or establish a VPN connection. Trane BAS controllers are accessed via a web page, service tools, or phone app.
Trane's Cellular Module establishes a remote and secure connection between the BAS controller and the Trane Cloud for anytime data collection when an IT network is unavailable.
Trane mitigates on-going risk on Tracer® SC+ site installations by providing proactive and routine cybersecurity audits through hardening reports and scans.
Current and future Trane controls products in development will incorporate BACnet Secure Connect and other industry standards through a simple software update.
Staying up to date on cybersecurity best practices and taking proactive steps to prevent breaches can help your company avoid incidents or at least minimize their impact. At Trane, we align our approach to cybersecurity with National Institute of Standards and Technology’s (NIST®) “Framework for Improving Critical Infrastructure Cybersecurity.”
Identify all the assets in your building (building automations systems /IoT devices equipped in the network). Assess your risks. Understand your organization's cybersecurity strengths and weaknesses.
Proactively act on your assessment and protect your assets. Implement safeguards to reduce risks such as preventative procedures, equipment/ technology updates, staff training, etc.
Enact activities such as continuous asset and network monitoring to detect the occurrence of cybersecurity events as early as possible.
Develop a set of response planning and mitigation strategies. These might include efforts to contain or minimize impact, analysis, and assessment of the incident and its impact on the organization.
Outline recovery processes, business continuity procedures and best practices to ensure timely restoration of building systems or assets affected by cybersecurity events to return to normal operation quickly.
Learn how we use responsible vulnerability management to better ensure the safety and security of our products and connected solutions, or to report a potential vulnerability.
Interested in learning more about secure products and solutions? Read the cybersecurity summaries for some of our industry-leading products.
Tracer® Ensemble® is a web-enabled, enterprise building management system.
Read the Cybersecurity SummaryTracer® Ensemble® On-Premise is an enterprise building management system installed on the customer’s network.
Read the Cybersecurity SummaryTracer® SC+ is a system controller hardware with a web-based user interface named Tracer Synchrony.
Read the Cybersecurity SummaryThe Trane USB Cellular Module is a cellular solution for connecting a Tracer Building Automation System to the Trane cloud without compromising security.
Read the Cybersecurity SummaryTrane® Connect™ is a secure, cloud-based customer portal to access your building systems for remote monitoring, building management, and routine maintenance.
Read the Cybersecurity Summary