To BIM or Not to BIM?

It’s been about a decade since Building Information Modelling (BIM) poked its ugly head into the construction industry, forcing organisations to bring in and understand a whole new skillset within CAD/architecture. It also forced anyone like myself, who works within the industry, to form a new understanding of the AEC world if I wanted to stay relevant. The surprising thing is, even 10 years on if you have a conversation with 10 people in the industry, they will have 10 different answers to what BIM is or what BIM means.

The answer is not Autodesk, the answer is not Revit… BIM is a process, a level of maturity in terms of refining your project cycle. The mandate the IET have put together (BS/PAS 1192) takes into consideration people, process, technology and physical controls in which organisations need to comply with to get to level 2/3 BIM, and therefore it is more than just your CAD tools you need to look at.

So why has the IET created this mandate? Following figures showing most construction projects (nearing 80%) take much longer and cost a lot more than first forecasted, there has been pressure put on the industry to confront this. They have found that duplications of effort, due to poorly transferred information between partnering company’s on projects, and the need for this information to be available across several organisations and on-site, means that project managers don’t have the control or visibility they need to reach forecasted success criteria for these projects.

The utilisation of common data environments to store easily available data, IoT devices for SCADA (supervisory control and data acquisition) devices in assets (pumps, valves, moving walkways and the like) and BMS (building management systems) are the technologies that have enabled these organisations to move towards where the IET want them to get to.

However very similar to my last blog, this causes IT teams that age-old problem of security vs productivity.  The board come back from a BIM seminar and decide that all of the company’s effort needs to go into moving up the BIM maturity ladder, and therefore ask their CIO to ‘create a more collaborative working environment for their partners’ without realising the headache this brings them in terms of data ownership and visibility.

Working alongside a lot of organisations in this sector and auditing their journey to BIM maturity in terms of data/IP security, I have found the weakest link is usually the user:

  • Third Party Contractors – This industry sees the use of third parties to fulfil work consistently. If a company doesn’t have full visibility of the applications they are running and have no fixed process of on-boarding and deprovisioning these workers this can leave applications open to attack through stolen or misused credentials.
  • Shadow IT – Many various applications are used in the market and for an organisation to be successful on tenders they need to be as open as they can to working with each one. Also, most organisations I see know that a lot of their staff download applications to use in work without notifying the IT team. 
  • BYOD – As well as staff preferring to use their own applications, a lot of architects especially like to use their own devices. Therefore ensuring your workforce have a strong BYOD policy is paramount.

There is of course, like anything in cyber security, no silver bullet technology that will secure your journey to BIM Level 2/3 or even iBIM if you are at the forefront of maturity. As there are many ways to ‘skin a cat’ in IT, your best bet is working with people with a lot of experience working with businesses with the same kind of issues and who have a deep understanding of BIM and the IT security industry. If you have read this and found it interesting I am always happy to share my thoughts with peers and answer any questions you have, please feel free to get in touch.

Written by: Nick Trott, Client Manager at Armadillo.