Comfy Life

Security, Risk Management, Systems Integration: Insights from an Enterprise Solutions Veteran

Posted by Anna Lui on Oct. 31, 2018

Security, risk management, solution design, system integration: deploying SaaS at scale can be a big undertaking. With over a decade's worth of experience in enterprise SaaS, software project management, and managing the delivery of multi-million dollar projects for both multinational enterprise companies and governmental agencies like NASA, Elizabeth Foughty, our Solution Design and Delivery team lead, makes it look  easy.

We sat down with Elizabeth to understand how she helps customers design enterprise-level solutions that meet their workplace goals, and to share some of her cyber security best practices.

1. What does it mean to lead a "solutions" team?

Designing solutions on an enterprise level is incredibly complex. In Comfy's case, we're working with companies that have real estate portfolios spread across multiple buildings, multiple cities, and multiple countries—and every one of their buildings is different. Part of my team's job is about understanding the technical compatibility of the space: specific building and IT security capabilities, existing calendar and ticketing systems, room booking and sensor integrations, and working with other vendors to develop controls sequences and API integrations to ensure everything is running smoothly. The other part is solutions consulting.

Sometimes we have clients looking for a smart building solution; they want to more efficiently manage the building and preemptively identify and resolve building system and occupant comfort issues. Sometimes we have clients who are looking to improve space utilization, and are looking for tech to help with their agile workplace strategy, a new hot desking or free addressing program.

Lastly (and increasingly), we're working with clients who have put out an RFP specifically for a “workplace experience app.” They know they need to invest in modern workplace tech for their workforce, but with so many new advances in workplace technology they need help navigating what a full workplace experience solution actually means and looks like—and how it fits in with their existing systems.

My team works closely with our clients, our customer success managers, and our sales team to design enterprise expansion programs, timelines, and solution packages that make sense for each client's specific needs.

2. You work closely with a lot of technical stakeholders. What are some of the most common questions or misconceptions they have about Comfy?

Most misconceptions relate to Comfy temperature functionality, as that is the most unique aspect of our offering. We get a lot of questions along the lines of “How does Comfy actually work?” Often when we meet with a building engineer or facilities manager, folks who are intimately familiar with their building and have kind of "seen it all," they've never seen tech that actually connects occupants to the building in real-time. They’re fascinated and really curious, (and sometimes a bit dubious!) to understand the technical elements, from the system integration to the machine learning.

A close second to that is, “So, are we really giving control of the system to the occupants?!” Building engineers have spent a lot of time adjusting their buildings to make sure they are running efficiently, so understandably, they have misgivings about giving employees real-time control over heating, cooling, and lighting. We often need to clarify so that the engineers understand that Comfy won’t change or override their work and our team works closely with  facilities to set the appropriate parameters.

Comfy empowers facilities teams because it allows them to see where things might not be working as well as they could be. This is information that they can take to their controls vendors — like this damper is stuck and it's impacting everyone's experience. Comfy also gives real estate teams more knowledge about how their space is running and how it's being utilized, how conference rooms are getting used or not, how people use their desk space and lighting systems.

3. You have extensive experience in cyber security. What advice can you offer companies about keeping their buildings safe?

Whether they’re in the C-suite or on the real estate or IT side of things, I've found that leaders at the leading Fortune 500 companies with whom we work usually fall somewhere along this spectrum:

First, there are those who are in the “security through obscurity” camp. Essentially, when it comes to the security of building controls systems, these folks take a stance that because nobody really thinks about hacking into a BMS, they’re not likely to get hacked. They have a lot of technical experts on their team who know control sequencing, terminal unit functionality, and building systems well, but information security is out of their wheelhouse, so they simply don’t address it. Luckily, this persona is becoming rarer and rarer as IoT becomes more common.

Then, in the second category, we have folks who are beginning to be aware of the vulnerability of the building systems and tend to way overcorrect. To ensure their system is secure they decide to completely firewall off their BMS and make sure it has no connection to the internet.  This is also becoming less common as folks realize how much value can be harnessed from the internet of things and workplace experience technology.

Finally, we have customers who have passed through the first two phases and reached a high level of sophistication with their systems. They’ve realized they can't just completely firewall off everything if they want access to valuable workplace tools and functionality. They recognize their vulnerabilities head-on and institute best practice security measures that both keep their systems safe, but also allow room for them to implement new cloud-based technologies.

Here are a few best practices I recommend to companies and their IT leaders looking to implement workplace tech:

  • DO put the appropriate firewalls in place.
  • DO NOT have a path from your BMS to other sensitive business information. For instance, if someone does hack into your BMS, they should not be able to find a circuitous route to your POS machine (This is how the infamous Target hack happened a couple years back.) 
  • DO institute strong password processes. It sounds simple, but you’d be amazed at what people still use for high level systems.
  • DO educate your workforce. People are by far the biggest vulnerability in the infosec space. 

4. What is the most gratifying part of your job?

I love designing solutions. I really enjoy going in and having those initial conversations with a customer and establishing how our products can help resolve their particular problem set. I love problem solving, working with customers, and creating a solution that works for everybody. At a conference a customer recently asked me “Where do I even start with workplace experience? What do I need to do?”  I super geeked out over this question! (Answer: Think about what you’re trying to accomplish. A smaller real estate footprint? Activity Based Working? Improved Morale? Energy Savings? Let your goal guide you in determining which solutions to adopt, whether it's hot desking, or space utilization metrics, or energy metering.)

I also feel really fortunate to lead a fantastic team. People with strong technical skills and good people skills are like unicorns—it’s definitely a hard skill set to find. It amazes me how many people at Comfy have the deep technical expertise in the building industry and software—and the ability to communicate well and build rapport with clients. Pretty much every day I’ll have an interaction with one of my teammates and think, wow, I’m so glad you’re on my team...I’m really just in awe of their skills. Mostly I just try and set them in a direction and then get out of their way!

5. OK, I have to ask...what was the coolest thing you did at NASA?

One of the the really cool things I got to work on at NASA was the NASA Sustainability Base Project. The idea was to implement the closed-loop technology NASA uses to sustain life in space and apply it to the renovation of one of NASA’s buildings. The vision: everything about the design would support both human and planetary well-being. I was involved in a lot of the early projects working with our scientists on metering in the building so that people could actually track their energy use and the building would learn over time to optimize performance.

One of the things I enjoyed most about NASA is that the people were all so passionate about what they do. People work well into their seventies because they love what they do so much! I see a lot of that same passion at Comfy; we have a lot of people who are really excited about what we're building as a team and that is one of the things that brought me here!

Interested in learning more about the solutions Elizabeth's team can design for your workplace? Explore our solutions page.

You May Also Like

Keep up to speed on what’s new in the digital workplace.