— DOWNLOADABLE RESOURCE

BAS Cybersecurity Checklist

The network questions your BAS provider should be able to answer. Segmentation, authentication, patch cadence, remote access, incident response — a working checklist for facility managers whose systems are now on the network.

Download the checklist.

Fill out the form and we’ll send the PDF to your inbox. You’ll get the file immediately on the next page, and a backup copy in your email.

BAS Cybersecurity Checklist cover — the network questions to ask your building automation provider

Six pages. Written for facility managers, not IT security professionals — practical, checklist-style, no jargon-heavy padding.

What’s inside

  • Network segmentation — is your BAS on the same VLAN as guest Wi-Fi? What separates the operational network from the corporate network? Where do the firewall boundaries actually live?
  • Authentication + credentials — who holds the admin passwords, how they’re rotated, whether default passwords ever got changed, and what happens when a technician leaves.
  • Patch cadence + firmware — how often controllers get updated, who owns the patch schedule, and what happens when a manufacturer issues a security bulletin.
  • Remote access architecture — VPN, jump-box, cloud-managed BMS, or something worse. The tradeoffs and the questions to ask.
  • Incident response — who your BAS provider calls at 2 a.m. when a device goes rogue. What’s in the runbook. Who has the backup credentials.
  • Vendor risk — the SOC 2 / ISO 27001 questions, cyber insurance, third-party audit status — the things your GC and IT team will ask before signing.

6

pages, no filler

41

years in the panels

Neeve

cloud-managed BMS installs

EBO

Schneider EcoXpert certified