Recent Breaches
Breaches
2026PowerSchool62.4M records stolen2026DISA Global Solutions3.3M records stolen2026Globe Life850K records stolen2026NHS ScotlandUndisclosed records stolen2026HertzUndisclosed records stolen2025Marks & Spencer9.4M records stolen2025PayPal35K records stolen2025Jaguar Land RoverUndisclosed records stolen2025Co-operative GroupUndisclosed records stolen2024National Public Data2.9B records stolen2024Ticketmaster560M records stolen2024Change Healthcare100M+ records stolen2024AT&T73M records stolen2024Dell Technologies49M records stolen2023Progress Software (MOVEit)77M+ records stolen202323andMe6.9M records stolen2023Royal MailOperations halted records stolen2023British LibraryUndisclosed records stolen2023MGM ResortsUndisclosed records stolen2022Uber57M records stolen2022LastPass33M records stolen2022Optus9.8M records stolen2022Medibank9.7M records stolen2022Twitter5.4M records stolen2026NHS ScotlandUndisclosed records stolen2026HertzUndisclosed records stolen2025Marks & Spencer9.4M records stolen2025PayPal35K records stolen2025Jaguar Land RoverUndisclosed records stolen2025Co-operative GroupUndisclosed records stolen2024National Public Data2.9B records stolen2024Ticketmaster560M records stolen2024Change Healthcare100M+ records stolen2024AT&T73M records stolen2024Dell Technologies49M records stolen2023Progress Software (MOVEit)77M+ records stolen202323andMe6.9M records stolen2023Royal MailOperations halted records stolen2023British LibraryUndisclosed records stolen2023MGM ResortsUndisclosed records stolen2022Uber57M records stolen2022LastPass33M records stolen2022Optus9.8M records stolen2022Medibank9.7M records stolen2022Twitter5.4M records stolen2026PowerSchool62.4M records stolen2026DISA Global Solutions3.3M records stolen2026Globe Life850K records stolen
View All →
Construction

Site Network and BIM Data Path Governance

Construction projects involve dozens of contractors sharing temporary networks on active sites. BIM models, structural calculations, and building management systems contain sensitive data that defines the physical security of the built environment.

Back to Control
Control

Construction

A stolen BIM model does not just represent intellectual property loss. It provides a complete blueprint of a building's physical security systems, structural weaknesses, and access points.

100%

BIM data path isolation from site networks

Zero

Persistent contractor access between visits

4

Site network zones with independent governance

Full

BIM security and ISO 19650 compliance

The Challenge

Construction sites present unique network risks.

BIM Data Exposure

Building Information Models contain detailed structural, mechanical, and security system data that, if stolen, reveals the physical vulnerabilities of critical buildings.

Multi-Contractor Access

Dozens of subcontractors share temporary site networks with varying security standards, each creating potential entry points for attackers.

Temporary Infrastructure

Construction site networks are inherently temporary and often lack the security controls applied to permanent corporate infrastructure.

The Scenario

Scenario: BIM Data Theft from Critical Infrastructure Project

A subcontractor's laptop, connected to the construction site Wi-Fi, is compromised through an unpatched vulnerability. The attacker uses the site network to access the BIM collaboration server, downloading complete structural and security system models for a new government building. The models reveal every security camera location, access control point, and structural reinforcement detail. With Firevault Control, the BIM collaboration environment is physically separated from the general site network. Subcontractor access to BIM data requires multi-party authorisation and operates within controlled time windows. The compromised laptop cannot reach BIM systems because the path does not exist.

"We found the BIM model for a Ministry of Defence facility on a contractor's personal laptop. It contained the complete security system layout, structural details, and utility routing. The contractor had left the project six months earlier."

Solution Blueprint

Physical governance for construction data.

Construction firms gain physical control over BIM data, building management systems, and multi-contractor site networks. Contractor access is governed by time-limited, authorised windows. Sensitive project data is physically separated from general site networks. Long-term archives persist beyond temporary site infrastructure.

  • Physical BIM data isolation from site networks
  • Time-limited contractor access with multi-party authorisation
  • Independent governance for each contractor organisation
  • Cellular management independent of site infrastructure
  • ISO 19650 compliance evidence throughout the project lifecycle
  • Long-term data archives beyond construction phase
Fracture

Fracture — Site Network Severance

Module 1 of 4

Physically disconnects compromised site network segments to contain threats. When a contractor device is compromised, Fracture severs the path to prevent lateral movement into project data systems.

Featured In

TechRadar ProConnected BritainTotal TelecomSecurity BuyerComms BusinessComms DealerBlocks & FilesYahoo FinanceGlobeNewswireChannel InsiderUK DirectorSecurityBriefPCRBusiness Time in EssexTechRadar ProConnected BritainTotal TelecomSecurity BuyerComms BusinessComms DealerBlocks & FilesYahoo FinanceGlobeNewswireChannel InsiderUK DirectorSecurityBriefPCRBusiness Time in Essex

Key Capabilities

Sovereign Project Data

All BIM models and project data remain within the agreed jurisdiction in secured Firevault Bunkers, meeting government construction security requirements.

Multi-Contractor Governance

Each contractor organisation receives isolated access paths with independent authorisation and logging, preventing cross-contractor compromise.

ISO 19650 Compliance

Automated compliance logging supports ISO 19650 information management requirements and government construction security standards.

Site Cellular Management

Out-of-band management via cellular connectivity ensures governance capability independent of temporary site network infrastructure.

Project Audit Trail

Every access to BIM data and building systems is recorded in tamper-proof logs that persist beyond the construction phase.

Project Data Archive

Air-gapped copies of project data ensure long-term preservation beyond the life of temporary construction site infrastructure.

Demo to Live

Adoption Guide

Step 1

Project Security Assessment

Assess BIM data sensitivity, contractor access requirements, and building management system connectivity for the project or estate.

Step 2

Site Zone Architecture

Design physically separated zones for general site access, BIM collaboration, building management, and corporate project systems.

Step 3

Single Site Pilot

Deploy on a representative construction site with full contractor access governance, BIM data isolation, and compliance logging.

Step 4

Estate-Wide Adoption

Standardised deployment across all construction sites with centralised data archives, continuous compliance evidence, and cellular management.

Step 1

Project Security Assessment

Assess BIM data sensitivity, contractor access requirements, and building management system connectivity for the project or estate.

Step 2

Site Zone Architecture

Design physically separated zones for general site access, BIM collaboration, building management, and corporate project systems.

Step 3

Single Site Pilot

Deploy on a representative construction site with full contractor access governance, BIM data isolation, and compliance logging.

Step 4

Estate-Wide Adoption

Standardised deployment across all construction sites with centralised data archives, continuous compliance evidence, and cellular management.

Questions

Frequently Asked

Ready to take the next step?

See how Control can govern your data paths with physical enforcement no software exploit can bypass.

    Your privacy matters

    We use cookies to keep the site running smoothly and to understand how you use it. You are in control. Privacy Charter · Cookie Policy