Craig DiLouie, LC, CLCP recently interviewed Scott Ziegenfus, CEM, CLEP, CDSM, GGP, GPCP, LEED AP, Architect, Systems Manager, Government and Industry Relations at Hubbell Lighting, for an article for the January 2019 of ELECTRICAL CONTRACTOR, the official publication of NECA. The topic: why and how lighting professionals should talk to IT departments. The complete interview is below.
DiLouie: The specifier proposes a networked lighting control system, and the owner accepts it. Confident all plans have been approved, the electrical contractor arrives to install the system. What’s the potential problem here?
Ziegenfus: The fact that that a networked lighting system needs to reside and use the resources of the corporate network.
The owner, owners representative, or property manager working with the GC, EC, EE, and LD are thinking about the traditional elements of a lighting system – like sensor placement and work surface illumination standards. It is usually at this point when they realize they need a network not just for connectivity but other IT components and resources like servers, switches, routers, wireless access points and a connection to the Internet. Do you think they are going to add a completely new IT network just for lighting? Or do they use the one already installed in the building that is managed and controlled by corporate IT?
DiLouie: Why are IT departments reluctant to accept installation of networked lighting controls? From their perspective, what are the risks?
Ziegenfus: Consider how Corporate IT is never praised for keeping the network running or commended for zero security breaches. They only seem to have visibility and repercussions when things go wrong. So the main focus of IT is to limit risk. And they can’t limit the risk if they are not a part of the approval system.
Limiting risk is hard enough with common and known IT infrastructures but with unknown “black boxes” from environmental systems like lighting hanging of the network the risk is big because it is unknown. There are new IT certifications and standards like UL 2900 and IEC 62443 but most are not mature or generally understood. It is up to the IT department to evaluate every time some environmental system needs to connect to their infrastructure and like most departments that is time and money not budgeted.
DiLouie: What if the system will run on a parallel network with its own firewall—are there still risks?
Ziegenfus: In an isolated state? Yes, there are no risks. But this means the Lighting system has its own IT infrastructure that is not connected in any way to the building’s IT, with no use of the building’s Wi-Fi or Internet connectivity. However, if the lighting network is connected at some point to the institutional Internet but has a firewall between the lighting then yes, there is still plenty of risk. Firewalls, like VPNs or other important IT tools, are not in themselves a solution. They are just administered in a cohesive strategy that mitigates the risk. Just having a firewall does not guarantee the absence of Cybersecurity threats, broadcast storms or any other IT issue.
DiLouie: What are the five things should electrical contractors should do to make sure installation is accepted and proceeds smoothly?
Ziegenfus: 1) Communicate with IT early. As soon as the contractor knows they are installing a “Networked” Lighting System get with IT and intiate a conversation. Not only will you find out if you have any issues before you start you might find they are pleasantly surprised they were not forgotten about until the last minute.
2) Understand who you need to speak with in IT. IT departments are like snowflakes, no two are the same. An IT department might have a few people that handle everything while others have specialist in each area (applications, servers, infrastructure, cybersecurity, etc.). Ask to meet with representatives from each section if IT.
3) Have good IT documentation for the first meeting. No one expects the contractor to be an IT guru but the contractor should be able to obtain basic IT documentation from the manufacture to pass along that allows the IT department to ask questions. That is documentation specifically for IT.
4) Don’t plan to dictate. Plan to collaborate. Do not tell IT what they must do for you. Inform them what your system needs to make it work properly and let them tell you how your system can be deployed within their network.
5) Because you think your “Network” lighting system has nothing to do with IT that IT will agree – I have seen to many times contractors and specifiers thinking IT would not be a consideration because it was only a minor function through corporate IT and finding they were wrong and jeopardizing a projects completion. Items like the needing “a” IT connection because of Wi-Fi for a single app or fiber between building, or remote access means they might be in charge.
DiLouie: What can electrical contractors do if the IT department stubbornly refuses even though they’ve done everything they’re supposed to?
Ziegenfus: It’s likely there is a lack of understanding. Bring in an IT expert that knows the network lighting system and ask this expert to clarify, modify, or think outside the IT box. That person will probably be with the manufacturer of the system. It is also possible the system for some reason goes against the corporate IT policy and cannot be installed.
DiLouie: Is the issue here solely focused on networked control systems that connect to the building’s IT switch? Even though room-based connected lighting systems typically don’t connect to the IT network, they do function as autonomous networks. Do IT departments typically manage them, or are these types of systems typically under the facilities department?
Ziegenfus: If it is truly room-based and does not connect or use resources in anyway form the corporate IT network then IT does not usually manage it. But they may have something to say about installation if it uses traditional IT components. One example is a lighting system that uses CAT5 type cables and a RJ45 wall jack for programming. Corporate IT might want to dictate the color or marking of the cables and wall jacks to avoid confusion with their cables and wall jacks.
DiLouie: What types of documentation does an electrical contractor typically need about a networked control system to satisfy IT departments?
Ziegenfus: IT specifications and topology documents solely for the lighting system that are not “cluttered” with non-IT items like daylighting or photometric specifications. The IT department does not care if the daylight sensor has a 0-10V input. Topics of importance to them include hardware specifications, Software and App specifications, Server topology, Ports, Protocols, Addressing, Wireless specifications, etc. Additionally, a good network diagram that outlines the connection/flow of IT components is invaluable. It is not a reflected ceiling diagram or a one line. The manufacturer should be able to supply you with information.
DiLouie: What are the fundamental concepts about device networks that electrical contractors should learn?
Ziegenfus: Start with the fundamentals, especially if the contracting firm doesn’t already have EC’s that install low-voltage network infrastructures and varying levels of networking knowledge. Learn about the basic OSI model as the foundation for networking and build from there. Remember “Networking for Dummies” is actually for smart people.
DiLouie: What are examples of the type of lingo electrical contractors should learn and use with IT departments?
Ziegenfus: First, don’t try to fake it. Someone who understands IT will easily figure out you don’t know what you are talking about. Second, don’t equate what IT does with how you setup your home Wi-Fi. That Home Wi-Fi router (name kind of a misnomer) is preconfigured so you don’t need to understand IT. However, if you learn the OSI model you might want to use it with its corresponding equipment. Don’t talk about devices by just their name like “network switch” or “router” but always say “layer 2 network switch” or “layer 3 router.” You are actually being redundant but in it you are saying I understand the basic structure of a network and subsequently IT’s world.
DiLouie: How does the above apply to electrical distributors? (Particularly in regards to targeting IT departments for selling opportunities, recommending products, supporting the project.)
Ziegenfus: For Electrical Distributors that have a Datacom group this is an opportunity to cross counters. Distributors’ Datacom group understands IT. They deal with them daily. They can help the lighting group enhance the contractors experience with IT knowledge and in turn increase sales.
DiLouie: If you could tell the U.S. electrical industry just one thing about networked control and IT departments, what would it be?
Ziegenfus: A functioning network and protection of corporate data is paramount and ranks higher on the corporate scale then a networked lighting system. This is why Corporate IT departments have the final say about what connects to the corporate network and why it is best to engage with them early in the process.
DiLouie: Is there anything else you’d like to add about this topic?
Ziegenfus: IT is not the enemy. They are just the gate keeper. They have a tremendous responsibility to keep the network functioning and protect corporate data for the survival of their company. They will always be leery about things they don’t understand on their network. It is up to us to make them feel secure.