As more households own
smart home devices, concern regarding the
cybersecurity of their connected gadgets increases. 71 percent of U.S. broadband households that own
smart devices have shown concerns about cybersecurity and more than 40 percent do not trust companies to keep their data safe, according to a recent whitepaper published by Park Associates.
Regardless of having smart home devices or not, 63 percent of the general public are concerned about cybersecurity in smart homes.
“The term cybersecurity has been the common label for protecting the transmission of consumer data. This is becoming a narrow view of cybersecurity because home devices are increasingly vulnerable to cybersecurity attacks that affect operation and data accumulated within these devices,” wrote Dr. Kenneth Wacks, Contributing Analyst, Parks Associates, in the whitepaper.
Connected devices and systems in our homes are changing from computers, electronics to TVs, light bulbs, doorbells and thermostats. The increasing variety of connected devices and their incomplete cybersecurity have led home devices to become increasingly vulnerable to
cyber attacks.
“The protections used for personal computers, such as anti-malware programs, need to be adapted for home system components since many include computer functions making them vulnerable to cyber attacks,” wrote Wacks.
Security in design
Smart home devices are connected with each other via a home network, which is often linked to external servers through a
gateway between the home network and an access network such as the internet. Park Associates has pointed to different methods where gateways, product manufacturers and service providers can do more to protect home by making cybersecurity impenetrable.
First of all, a gateway processes data flows between home systems and external servers. It should provide a layer of cyber protection by screening and filtering data as data sentry services, to secure homeowners’ data. In addition, gateways should validate the connection to an external server in order to ensure the home device is connecting to the intended service provider, suggested the whitepaper.
Smart home product developers, secondly, it should list all sorts of data collected and processed via the device. Such as the data requested, the usage of this data, with whom this data may be shared with, how long this data will be retained, and how the data will be protected to minimize loss in a cyber breach.
Most service providers and product developers offer their customers some kind of data privacy option by demanding click-through approvals for access. However, the whitepaper suggested, customers should be offered multiple service-level options, each with a corresponding list of requested personal data.
Customers are becoming more aware of personal data being misused. 54 percent of U.S. households owning smart home devices do not feel they get much in return for sharing data, according to the whitepaper. In May 2018, the European Union (EU) passed the General Data Protection Regulation (GDPR), addressing advanced personal data protection in the digital age.
“Maintaining customer data privacy requires cybersecurity tools appropriate for the capabilities of connected devices,” wrote Wacks. “Building in privacy protection during product design is less costly for manufacturers than fixing problems later and compensating consumers for breaches.”
“A comprehensive system should perform like a computer operating system running data validation algorithms, virus and malware checks, and maintaining an audit trail for forensic analysis of failures, whether caused by design bugs or deliberate attempts at penetration and data theft,” wrote Wacks.