top of page
|
|
|
|
|
|

800 COGNI (26464)

Is your (Hackable) Smart Home secure?


When talking to clients, one of the first questions they ask is "I heard that wireless home automation isn't secure and reliable, is that true?" …False and False!


In this article, I will only tackle the security part of the question and will discuss reliability in the next one.


Secure is a relative word, having spent more than 15 years working in the technology sector with large corporations I’ve learned that having a 100% secure environment does not exist. What we try to reach is somewhere between 90%-99% depending on how critical that environment is.


The Internet of Things (IoT) for a Connected Home means commonplace devices and appliances — such as thermostats, sensors and switches that are connected. The market for Internet of Things devices will hit $7.1 trillion by 2020, according to estimates from analysis firm International Data Corp(IDC).


“In Fortinet's survey, 61 percent of respondents said the connected home would likely happen within the next five years. Regardless of when the tipping point actually hits, there is no doubt that criminals will be ready to take advantage of vulnerabilities.”

The below tips all help to make your home as secure as possible, however it is recommended to have a professional company “harden” your home automation network. Now, let’s get to it:

1. Encryption:


What is encryption? It is the process of encoding messages or information in such a way that only authorized parties can read it. Click to Learn more…


a. Encrypt the data between your home devices and the main controller. Some controllers in the market offer features to encrypt Z-Wave wireless communications using AES 128-bit framework (same as your online banking site).


b. Use Wi-Fi Protected Access II (WPA2) protocol for your Wi-Fi network and not Wired Equivalent Privacy (WEP) protocol as it is weak and easily compromised. (Don’t forget to disable the guest network!)



2. Usernames/passwords:


Change default usernames such as admin and make your passwords complex (Numbers, special characters and big/small letters) to neutralize brute force attacks.



3. Physical tampering protection:


Many devices in the market today include tamper proof features that will trigger an alarm if physically tampered with such as door sensors that if removed or cover open sound the alarm.



4. Devices firmware updates:


Have your home automation provider periodically check online if there are new firmware updates for your devices that are security related and make sure they come and patch them quarterly.


Then why would I want to have a connected-home? to learn more on the benefits of having a smart home click here



I would like to end with a note from the Z-Wave Alliance Executive Director Mitchell Klein statement:


“In the smart home industry, many vendors have chosen to implement security only on access devices and gateways and hubs and not on the other devices for the home. Z-Wave has always offered AES 128 encryption level of security in its protocol for all devices and believes that security is of the utmost importance to address in the IoT market.


Recognizing that with the incredible growth and potential of smart home and the increasing need for the highest levels of security for IoT residential devices, Z-Wave with the help of top industry security experts recently announced the Security 2 (S2) framework for every device in the ecosystem. The new framework includes the existing AES 128 encryption with industry-accepted secure key exchange using Elliptic Curve Diffie-Hellman (ECDH) and authenticated deployments that remove ”man-in-the-middle” attacks.


Security will no longer be optional for Z-Wave manufacturers to deploy; and, through an easy update, all gateways with 500 series chips and all devices that allow OTA (over the air) upgrades are able to add S2 to existing devices. Z-Wave devices also include signal jam detection and the tunneling of all Z-Wave over IP (Z/IP) traffic to eliminate any cloud vulnerability.


Z-Wave takes IoT security very seriously and we believe with the combination of existing and new security features, our devices will be the most secure in the smart home market as we move further into mainstream adoption”





Featured Posts
Recent Posts
Archive
bottom of page