Four questions to ask before committing to a cloud hosting provider

cloud hosting questions

As building automation devices become increasingly connected and demand for enterprise level command systems grows, the need for hosting – either on site or in the cloud – is growing too. Many people are sticking with on-site policies because of security and data ownership concerns but there can be capital intensive demands with this approach and scalability can become a limiting factor as companies grow.

Controls contractors and systems integrators can start to consider off-site, cloud hosting to help expand offerings with the Internet of Things, without investing in a network manager or physical server space. But the concerns are real, and there are some big questions to ask before making the leap. And, while there are certainly big names who provide special offers to get you in the door, some personalized attention for your unique building automation needs would help make the transition smoother. Here we outline our top four questions to ask before committing to a cloud hosting provider.

1.) Can you process time-series data?

The first fundamental thing to understand when considering cloud hosting for building automation data is that building automation data is very different from other types of data. Most hosting companies focus on cloud services for websites. Web traffic can be unpredictable and sometimes consumes vast amounts of computing capacity.

Operational technology or building data is fairly predictable and doesn’t take up very much space. However, for building analytics to provide maximum value, data needs to be collected at regular intervals all the time. This is called time-series data. A standard for building data is five-minute intervals, but most enterprise integrators are looking to gather data from key systems every minute. All of this data needs to be stored and accessible in the cloud for predictive analytics and historic tracking (in case a problem is identified at 9 a.m., users need to be able to see how long the problem has persisted and in what sensors).

Most cloud service providers have not built their server infrastructure to handle this type of time-series data so this is a crucial question to ask.

2.) Do you require dual authentication for access?

Security is the first word on everyone’s lips these days when it comes to cloud computing, the Internet of Things and remote connectivity, and with good reason. Cloud computing can be incredibly secure if you know what you’re signing up for. Dual authentication is the new industry standard for security when accessing cloud hosted data. Your cloud service provider should offer this standard.


3.) Do you have multiple redundancies and what are your uptimes?

Redundancy is everything in the data center world. To help customers understand their data storage options, the industry has established a tiered ranking system based on uptime and redundancy to increase transparency across the industry about what kind of data center is housing your data.

Tier 4 data centers offer the highest level of uptime and redundancy – 99.999% uptime and 2N+1 redundancy and 26.3 minutes of total downtime allowed per year. For a sense of how crucial uptime and redundancy are, Tier 1 data centers require 99.671% uptime but no redundancy and 28.8 hours of downtime per year.

Since building automation data is time-sensitive, the more redundancies the better.

4.) Who owns my data?

The answer to this question cannot be taken for granted. If you go with a big name cloud service provider the answer to who owns your data is likely to be buried in 8 pt. font on page 200 of the service contract. It’s best to ask this up front so you can weigh your options in providers.

ZDNet recently explored a variation on this question – do you own your data and have free reign? Their answer: “Maybe.”

They continue: “You own it as long as your technology partner makes it easy for you to access, integrate and innovate. … The reality is that IT vendors as well as operational technology vendors may control your company’s data. Data kumbaya is all fun and games until there’s money to be made.”

The only way to find the answer in your particular case is to ask the question at the outset of your information-gathering on the company you’re hoping to engage with your cloud hosting needs. If they’re dodgy about the answer, you may want to look elsewhere.

Have you started cloud hosting with a big name or boutique provider? We’d love to hear your experience. Share it in the comments below.

*Header photo by Blue Coat Photos on Flickr.

Using LogMeIn for remote access to building sites? Try this instead.

remote-login-e1510164072822.jpgSo your client doesn’t want a static IP address? Maybe they don’t want to add the cost to their operating budget (as was the case with this integrator on a project in Mexico City), or they’re concerned about the security risks that the static IP address poses (because, you know, they’re all published on the open web). Your LogMeIn workaround has been working fine, but what if you didn’t need a Windows OS just to perform remote management functions? What if you could gain remote access without a static IP address direct to any controller in your network?

Controlco is now distributing TOSIBOX, a secure remote access device that does all of that, without the need for a Windows OS or a third-party application like LogMeIn. TOSIBOX locks sit within the operational technology network and they can only be access via TOSIBOX keys, which are serialized upon point of purchase and managed through a secure administrative interface that only the master key holder can access.

Browse the hardware and virtual product line in our online store and contact us to talk about how TOSIBOX can free you from LogMeIn or other third-party access platforms.

*Photo by Illusive Photography on Flickr.

Join Controlco to take FIN for a Spin

FIN graphicControlco and J2 Innovations are hosting user sessions on FINStack this month at two locations in the Southeast region. First up, join us in Little Rock on November 16. Plan for an 8 hour class – lunch will be provided.

This training is free and will offer a chance to create an actual job using a demo version of the building automation framework. It’s a great hands-on opportunity to explore the new features of FIN 4.0.


If the Nashville area is more convenient for you, we’re having a repeat session in Franklin on November 17.


The sessions will cover FIN graphics, historian, bLine Logic, alarms and fault detection, schedules and “magic bubbles.”

Explore FIN’s YouTube channel for more on how FINStack can help your projects.

Confronting Myths and Misconceptions about Tagging in Building Automation Applications


In building automation, tagging applies a standardized name and definition to control devices and points. Tagging is aimed at replacing the unstandardized and frankly not very useful method of naming devices. Take this example: A commissioning agent establishes the names of all the devices and points in a building automation system before getting off the job. By the time a field tech has to go troubleshoot a device, the commissioning agent is long gone and there’s no documentation for that field tech to find what name was given to the device he’s looking for.

Or take the controls engineer who’s using remote access to monitor, troubleshoot and update the BAS. That person is trying to find the point showing where the AHU is delivering air to a zone via VAV terminal units. What should he search? If he’s using Haystack tagging protocol, he could search vavZone. He’d know that because it’s listed on the open web, not because he found a word document on an old hard drive from 1992.

Tagging, and specifically Project Haystack for building automation applications, is about eliminating the guess work and the errors that result from the most minor differences in device and point names. Naming an air handler unit “AHU” may be intuitive to one person while naming that air handler “airhandler” or “air-handler” may be natural to a different person. There are simply too many variations to try if you ever want to get anything done – AirHandler is different from airhandler, airHndlr, and so on.

It’s true, once there’s a unified tagging method for building automation devices and points, then advanced, even AI-driven applications can be run on top of building data. These are applications like SkySpark, FIN Stack, and maybe eventually Niagara. There may be an element of self-interest in developing a standard protocol so that proprietary software systems can advance, but the truth is building controls can no longer stay confined to basements or rooftops. Property owners are pressing for the industry to find real value in data from building controls. We all know it’s there, and tagging frees us up from spending all our time looking for it.

*Photo from jblevine2004 on Flickr, commercial use license.

Tridium introduces JACE 8000 IO R modules with webinar

Next up in the TridiumTalk webinar series will be an introduction to the new JACE 8000 IO R modules. Led by senior product manager Mike Westerfield, the webinar will cover what’s new and different with the updated NDIO to NRIO conversion tool.

Niagara CentralIf you missed the first session of the talk, there’s another one this week on October 18 at 11 a.m. eastern. Registration is still open.

Supported by Niagara 4.3, this new module provides a direct connection to sensor and device inputs and outputs spread remotely up to 4,000 feet away. Tridium says this new capability allows for remote connectivity to monitor, schedule and analyze building assets “like never before.” Learn more in the webinar Oct. 18.

Tosibox May Be New to Us But…

You may have heard, Tosibox is our newest distribution product. The American subsidiary of Finnish company Tosibox Oy is only a few years old and it has mostly been adopted in the industrial space. We at Controlco like to be first to the distribution market with products that are new to the building automation industry so we’re really excited about representing Tosibox for the commercial buildings space.

While our team is deeply involved in real-world examples of why Tosibox is the best product available for secure remote connectivity to building devices like air handlers, JACEs, lighting systems and more, it turns out those who keep a close eye on innovative technologies have been aware of Tosibox for years.

In a massive report on “Solving the Persistent Security Threats for the Internet of Things,” TechCrunch contributor Ben Dickson had this to say about Tosibox in 2015:

“Other companies such as Finnish VPN company Tosibox are providing versatile encryption solutions that add an encrypted control layer to remote data access mechanisms in order to improve file access security on devices that are lacking such features.”

If you didn’t catch the key word that was repeated there, it’s encryption. For our purposes in the commercial buildings space, Tosibox has two main products – conveniently called locks and keys. For the wonkiest among us, they describe their locks and keys as “intelligent cryptoprocessing devices.” For the rest of us, that means they come with built in security, as in the encryption that Mr. Dickson is referring to.

In his TechCrunch article, Dickson makes the case for on-device encryption as the most secure way to protect data that flows through devices and to protect access to the devices that are connected to each other. At Controlco, we’re working side by side, or usually phone to phone, with building controls contractors and integrators who are confronted with issues related to HVAC troubleshooting, remote building network access and secure connectivity among many other things. We believe Tosibox solves these problems and we’re glad to see that some people have believed that for longer than we have. Let’s talk more about secure connectivity to your building devices.

Controlco Trainer Jeff Hunter Nominated for Control Trends Award


Controlco’s longtime master Niagara trainer Jeff Hunter has been nominated for HVAC, Building Automation, or IoT Solutions Trainer of the Year from the Control Trends Awards! Voting is open to the public although each person can only vote once. Select Jeff Hunter for #13.

Jeff teaches our Niagara AX, Niagara 4 and AX-to-N4 crossover classes, primarily in our Pleasant Hill office but he schedules a handful of classes in Fresno, California, throughout the year. He is also one of the few remaining trainers to offer Niagara AX certification courses.

Speaking of Jeff’s training courses, there are two upcoming on the Controlco calendar – Oct. 23-27 in Fresno for AX, and Nov. 13-17 in Pleasant Hill for N4. Jeff is so great that he recently got a training facility upgrade in Pleasant Hill, complete with a cutting-edge operational technology architecture that students get to work with throughout the week-long course (take a sneak peek at the control panel in the photo at the top of this post).

The Control Trends Awards take place in Chicago on January 21. We’re not sure when voting ends, so vote now!