Smart home systems shoulder the cybersecurity burden
Source: Elvina Yang
As a bridge connecting several devices at home, protection of smart home systems is critical for cybersecurity. Some safety protection has taken a security-in-design approach, while some promote two-factor authentication
A smart home system plays a role in integrating all different kinds of smart home devices on a single platform. Attackers could aim for the smart home system in order to access other connected devices and compromise the whole home network.
One of the biggest threats faced is where a home system is jeopardized as part of another attack or data breach. These types of attacks
result in users' credentials being compromised, typically as a result of a phishing attack. And, if the same credentials have been used to access or control the home system, the attacker will have the keys to endanger the cybersecurity at home.
Such incidents may cause a complete shutdown of the home security system including locks and alarms, or attackers can take over the controls of other devices such as security cameras. Therefore, a security layer on the home system is critical for smart home cybersecurity.
Two-Factor authentication should be integrated
The abode systems smart home system protects a smart home with two-factor authentication that includes a rolling key that only the system user has access to. This method protects users even if the user credentials are attacked or exposed. "As a smart home security company, abode was one of the first to implement two-factor authentication which provides a great deal of protection against common attacks," said Scott Beck, CTO at abode systems.
"This should be a part of every important internet-connected system today, but there are still many smart home systems without this important feature." Beck suggests choosing a unique and secure password for every interconnected system where an account is required. And there are many applications available to help with the task. Additionally, changing the router's default username and password to something unique and more complex could significantly increase the security of the entire network.
"We recommend customers think carefully about who they are trusting to let in and manage their home," Beck said. Homeowners should research thoroughly Scott Beck, CTO, abode systems Scott Harkins, Vice President and General Manager, before installing anything in their home.
Secure-by-design approach is critical
Resideo, a smart home system
company which has spun off from Honeywell, integrates "secure-by-design" as a central approach in the product design process to ensure homeowners' cybersecurity
. The company has a rigid and secure product development lifecycle that integrates the latest ISA (The International Society of Automation) standard. Its privacy requirements mandate that data be fully encrypted both at rest and in transit; and it requires features such as secure boot and code signing in all products to ensure their integrity against malicious attackers.
"Resideo takes cybersecurity and data privacy very seriously and recognizes that the security of our Honeywell Home products is a top concern to our customers," said Scott Harkins, Vice President and General Manager, Connected Home at Resideo.
Security is everyone's job. Security engineers work on product design, wireless protocols
draw up security frameworks, and homeowners can also complete small tasks to help safeguard their home. "A secure, password-protected internet connection is vital. We highly recommend that consumers keep their internet routers and other devices up to date with the most current software versions, as those often contain new or updated security protocols," said Harkins. Additionally, Harkins suggested, if users are using a public Wi-Fi network, it would be good to use a virtual private network (VPN) connection to enhance the security of network traffic. They should also keep their anti-virus software up to date across all devices on the home network.