GDS Technology — Built, Wired and Secured podcast banner
Watch on YouTube →
Shared Spaces, Shared Risks: Managing Tenant Equipment and Guest Networks in Multi-Tenant Buildings
Episodes Wired
Episode 45

Shared Spaces, Shared Risks: Managing Tenant Equipment and Guest Networks in Multi-Tenant Buildings

June 11, 2026
Key takeaways
  • Unmanaged tenant equipment can disrupt shared building systems when ownership and handoff points are unclear.
  • Most problems start with blurred boundaries, ad hoc cabling, wireless interference, and poor maintenance access.
  • A simple rule set around demarcation points, VLAN separation, and equipment inventory prevents many avoidable outages.
  • Reliable onboarding matters because testing and documentation catch cross-connections before they affect operations.
  • Basic investments in labeling, segmentation, demarcation infrastructure, and lockable access improve resilience.

Show Notes

Episode Overview

In this episode of Built, Wired, and Secured, Alex Morgan and Michael Harrington examine a problem that is becoming more common in multi-tenant buildings: tenant-owned equipment and guest networks operating close to shared building infrastructure. What looks like a simple tenant convenience issue can quickly become an operational and security problem when boundaries are unclear, cabling is undocumented, or wireless deployments are uncoordinated.

The conversation starts with a realistic scenario. A tenant installs a new router in their suite, that device back feeds a shared switch, and suddenly the lobby kiosk drops offline while the building intercom goes silent during a visitor arrival. Complaints start immediately, the operations team has to respond fast, and no one is fully sure who owns which cable or where the fault actually sits. That example frames the broader issue: unmanaged tenant technology can create building-wide disruption.

Why This Matters in Multi-Tenant Buildings

A major theme in the episode is that buildings now behave like technology platforms. Tenants want to bring in their own routers, cloud-connected services, and guest Wi-Fi. Those systems often sit near shared infrastructure such as riser rooms, patch panels, and ceiling-mounted wireless systems. Because of that proximity, tenant choices can affect critical building operations in ways many owners, facilities teams, and vendors underestimate.

Michael points to a pattern of informal handoffs that creates trouble:

  • Tenants assume they can plug in wherever they need connectivity.
  • Vendors assume the tenant has authority to use shared pathways or outlets.
  • Facilities teams assume the tenant will fully manage whatever they install.

That gap between assumptions is where outages, confusion, and disputes begin.

Where Ownership Gaps Create Risk

The episode breaks the problem into both physical and logical causes. On the physical side, ad hoc cabling can bypass documented handoff points and create connections nobody intended. On the logical side, poorly separated networks can misroute VLANs or IP scopes, allowing tenant equipment to interfere with shared services.

Michael highlights three recurring causes of trouble:

  • Blurred boundaries between tenant space and shared infrastructure.
  • Wireless interference from uncoordinated Wi-Fi deployments.
  • Maintenance blind spots when tenant gear is installed in places nobody can access during an outage.

The takeaway is simple: if the building does not clearly define where tenant systems end and shared systems begin, even a routine equipment change can create downtime or security exposure.

Balancing Tenant Autonomy and Building Resilience

The discussion does not argue against tenant flexibility. Instead, it focuses on how to support tenant autonomy without making the building fragile. Michael explains that operators have three levers to balance:

  • Rules, which define where tenant gear can connect and what separation is required.
  • Access, which determines who can physically or logically interact with tenant devices during an incident.
  • Incentives, such as service expectations or onboarding fees, that encourage compliance.

One of the strongest points in the episode is that policy should stay simple. A complicated rule set may look thorough on paper, but if it is hard to enforce, it will fail in practice.

A Simple Rule Set That Works

To keep governance practical, Michael shares a straightforward three-rule model:

  • Require tenant devices to terminate inside the tenant demised space and use building demarcation points for any cross-network connections.
  • Require logical separation, including separate VLANs and no direct bridging into building management networks.
  • Document and register every piece of tenant equipment in a building inventory with contact and maintenance information.

That framework is useful because it addresses the most common sources of accidental cross-connections while also making troubleshooting faster when something does go wrong.

A Real Operational Example

The episode also includes a concrete example of how these issues play out. Michael describes a tenant-installed managed router that was performing NAT and DHCP across a patched link into a common service VLAN. During a software update, the router rebooted and took that VLAN down for a cluster of building services. Elevator monitoring and the lobby kiosk both went offline.

The recovery effort was slowed by incorrect cable labeling, which made it harder to trace the path. The fix required three steps:

  • Isolating the tenant link at the demarc.
  • Reestablishing IP scopes for critical systems.
  • Updating the move-in checklist so every tenant device would be logged and tested during commissioning.

This example reinforces a core message from the episode: reliable handoff points and structured onboarding are not administrative extras. They are operational controls.

Why Capital Planning Matters

Another important point is that prevention is not only a policy issue. It also belongs in capital planning. Michael recommends budgeting for resilient demarcation infrastructure, labeled racks, clear riser distribution, and lockable closets. He also stresses the value of basic network segmentation at the building layer so a tenant mistake cannot cascade into critical services.

These investments are described as modest compared to the cost of outage investigations, service disruption, and lost tenant goodwill. The episode also notes that a small one-time technical review during tenant onboarding can pay off quickly.

Practical Takeaways and Onboarding Checklist

The episode closes with a short, actionable checklist listeners can apply right away:

  • Publish a simple ownership matrix covering cabling, rack space, and device maintenance responsibility.
  • Require physical and logical separation using demarcation points only.
  • Register tenant equipment with current contact and escalation information.
  • Include a short onboarding test to verify cable labeling, IP scope separation, and power and rack access during move-in.

The broader lesson is that multi-tenant building technology works best when ownership, separation, and onboarding are handled deliberately. When they are not, even small tenant decisions can create shared risk for everyone in the building.

Deeper dive

Shared Spaces Create Shared Technology Risk

Multi-tenant buildings increasingly operate like shared technology environments, not just shared physical spaces. Tenants want to bring their own routers, deploy guest Wi-Fi, run cloud-connected services, and install edge devices that support their own operations. On the surface, those requests can seem routine. But when tenant-owned equipment sits near or on shared infrastructure, the building itself becomes more vulnerable to outages, confusion, and security problems.

In this episode of Built, Wired, and Secured, Alex Morgan and Michael Harrington focus on a practical question for decision makers: how do you give tenants the flexibility they expect without making the building harder to operate and easier to disrupt?

The conversation is grounded in a simple but familiar scenario. A tenant plugs in a new router. That device back feeds a shared switch. The lobby kiosk drops offline, the building intercom goes silent during a visitor arrival, staff begin fielding complaints, and the operations team is forced to troubleshoot fast without clear documentation. That single event captures the real issue. Unmanaged tenant technology does not stay contained when it touches shared infrastructure.

Buildings Now Behave Like Platforms

One of the most important ideas in the episode is that buildings now behave like platforms. Tenants are no longer only occupying square footage. They are interacting with a technology environment made up of riser rooms, patch panels, shared pathways, wireless systems, and building services that may be more interconnected than they appear.

That shift changes the operating model. Tenants expect convenience. Vendors often move quickly to meet tenant demands. Facilities teams may assume the tenant is handling their own technology. But when each party makes different assumptions about authority and responsibility, the result is not flexibility. It is ambiguity.

Michael describes this as a series of informal handoffs. Tenants assume they can plug in wherever connectivity is available. Vendors assume the tenant has permission to use shared infrastructure. Facilities assumes the tenant will own whatever gets installed. Those assumptions create the ownership gap where outages and disputes begin.

Where the Risk Actually Comes From

The episode does a good job of breaking the risk into both physical and logical layers. Physically, the problem often starts with ad hoc cabling. A tenant may run a patch from their demised space into a common riser outlet, bypassing a documented handoff point. Logically, that connection can misroute VLANs or IP scopes and create effects far beyond the tenant suite.

Wireless adds another layer of risk. Uncoordinated Wi-Fi deployments can interfere with building management networks. And maintenance becomes harder when tenant-owned gear is hidden in closets, poorly labeled, or inaccessible during an incident.

That combination matters because it turns small changes into building-wide issues. A device reboot, patching event, or wireless conflict can affect systems that other occupants depend on, even when no one intended that outcome.

The Real Trade-Off: Convenience Versus Resilience

A useful theme in the conversation is that the goal is not to stop tenants from using their own technology. The goal is to create clear boundaries so tenant autonomy does not undermine building resilience.

Michael frames the balancing act around three levers: rules, access, and incentives.

Rules define where tenant equipment can connect and what separation standards apply. Access determines who can physically or logically interact with tenant devices during an outage or investigation. Incentives encourage compliance through practical expectations, such as onboarding requirements or simple service-level conditions.

The strongest advice here is to keep the policy enforceable. A complex governance model may sound comprehensive, but if it is difficult for tenants, vendors, and facilities teams to follow consistently, it will not work under pressure. Simplicity matters because clear rules are easier to teach, inspect, and defend.

A Governance Model That Prevents Most Problems

Rather than offering an abstract policy framework, the episode provides a direct three-rule set that listeners can apply immediately.

First, tenant devices should terminate within the tenant demised space, and any cross-network connections should use the building's demarcation points. That creates a reliable handoff and prevents undocumented bypasses.

Second, there should be logical separation between tenant systems and building systems. Separate VLANs are part of that. So is a clear prohibition on direct bridging into building management networks.

Third, every piece of tenant equipment should be documented in a building inventory with contact and maintenance information. That way, when something fails, the response team knows what exists, who owns it, and who can authorize action.

What makes this structure effective is not its complexity but its practicality. It addresses the most common failure modes while remaining simple enough to enforce during move-ins, vendor work, and incident response.

The Cost of Getting It Wrong

The real-world example in the episode shows exactly how these risks surface operationally. A tenant installed a managed router that was providing NAT and DHCP across a patched link into a common service VLAN. During a software update, the router rebooted and took the VLAN down for multiple building services, including elevator monitoring and the lobby kiosk.

Two details in that story are especially important. First, the outage was not caused by malicious behavior. It came from a normal equipment deployment combined with weak boundaries. Second, recovery took longer because the cable was labeled incorrectly. The issue was not only technical. It was procedural.

The team had to isolate the tenant link at the demarc, reestablish IP scopes for critical systems, and then update the move-in checklist so tenant equipment would be logged and tested during commissioning going forward. In other words, the technical fix solved the immediate problem, but the lasting improvement came from governance and onboarding.

Why Capital Planning Belongs in the Conversation

The episode also makes a strong point about capital planning. Preventing these issues is not only about policy language. It requires some physical and network-layer investment. Michael calls out resilient demarcation infrastructure, labeled racks, clear riser distribution, lockable closets, and basic network segmentation at the building layer.

Those are not luxury upgrades. They are the structural controls that keep tenant mistakes from cascading into larger outages. Compared with the cost of service investigations, tenant frustration, and repeated troubleshooting, the investment is modest.

The same logic applies to onboarding resources. A small, one-time technical review for a new tenant can save far more time and frustration later. When a building knows what has been installed, where it terminates, and how it was validated, support becomes faster and less adversarial.

A Practical Checklist for Owners and Operators

The final takeaway from the episode is that shared risk can be reduced with a short, disciplined onboarding process. The checklist offered in the conversation is concise and useful:

  • Create and publish a simple ownership matrix covering cabling, rack space, and device maintenance.
  • Require both physical and logical separation, using demarcation points only.
  • Document every tenant device along with contact and escalation details.
  • Test cable labeling, IP scope separation, and power and rack access during move-in.

That checklist works because it addresses the recurring sources of confusion before they create downtime. It also gives operations teams something concrete to enforce instead of relying on assumptions after the fact.

The Larger Lesson

The broader message of this episode is that tenant technology is no longer isolated from building performance. In a multi-tenant environment, convenience for one occupant can create risk for everyone if ownership, separation, and access controls are unclear.

For owners, facilities leaders, and IT teams, the opportunity is not to overengineer the problem. It is to establish clear handoff points, maintain simple governance, and treat tenant onboarding as an operational control rather than an administrative formality.

If you want a sharper framework for reducing outages, disputes, and finger-pointing in shared environments, this episode is worth a listen. It turns a common building operations problem into a practical governance conversation, and that is exactly where many avoidable disruptions begin.

Listen to the full episode for the complete discussion and use the checklist ideas as a starting point for a more resilient tenant technology onboarding process.