301.519.9237 exdirector@nesaus.org

8.6.21 – SSI

The security category is particularly vulnerable — smart cameras, locks and the hubs controlling them are all hacking targets.

Compared to just a few years ago, home networks today have never been so full of connected devices. Parks Associates research from 2020 found that U.S. broadband households now have an average of 12 connected devices per home and estimates that number will increase to 20 per home by 2025.

The smart home continues to grow, but so too, are the threats facing it. While device manufacturers by and large do a good job designing for and thinking about the security of their specific device, that approach is myopic and does not take into consideration the security of the network as a whole. There’s often such a narrow focus on the device itself, that the network is completely forgotten, leaving it exposed.

The security category is particularly vulnerable — smart cameras, locks and the hubs controlling them, are all tempting targets for would-be hackers.

Protecting the network  what is needed?

Today’s smart home device market is dominated by single, standalone devices. As companies vie to find a way to be part of the connected network of smart devices and thus offer greater value to consumers, having a mandated and certified protocol in place ensures that security is maintained throughout an interoperable ecosystem, regardless of product manufacturer.

With reports and briefings detailing accounts of some IoT devices that have been exposed as less than secure, it is critical that integrators seek out devices from manufacturers that prioritize and proactively implement security measures for installation within their scoped projects.

Take, for example, Z-Wave. The Z-Wave Security 2 (Z-Wave S2) certification mandates that manufacturers implement the best-in-class security framework to ensure Z-Wave devices are the most secure in the industry. Z-Wave S2 uses a single command structure that replaces a previous three-step process, which reduces latency and improves battery life for devices using the new security framework. S2 is a solution for all nodes in the network in order to protect the entire network.

For Z-Wave devices in the network, S2 secures communication both locally for home- or business-based devices and in the hub or gateway for cloud functions.

This lockdown in communication virtually removes the risk of devices being hacked while they’re being included in the network. That’s because a QR or pin-code on the device level is required for unique authentication and for the device to be added to the network. This also ensures that end devices cannot be targeted by a DDOS attack, since Z-Wave devices are out of reach from most consumer electronics.

What integrators need to consider and communicate

Network security is still a cited concern from customers — so explaining that you are installing technology that prioritizes network security, in addition to the physical security benefits they’re getting from smart home security, will be an important point to inspire customer confidence and trust. As the expert and trusted guide on your client’s smart home journey, it is critical to take the concerns of customers seriously and educate them on actions they can take – on their own or with your help – to further secure and safeguard their homes.

Security dealers and integrators should promote and champion steps their customers can take to better protect their network, and thus, their connected devices. An excellent first step, for example, is to explain the benefits of further securing their WiFi network. While clients might be tempted to give their WiFi network an amusing name, assigning a non-identifiable, non-model specific SSID (service set identifier) to the home router and then securing it with a robust password is one of the easiest things customers can do to fly under the radar of anyone snooping around on networks they do not belong on.

As a value-add service, security dealers and integrators can offer to help enable two-factor authentication and update the firmware of all the smart home devices that were just deployed on the network. Two-factor authentication helps safeguard individual devices and network access by requiring users provide a second form of authentication beyond just a username or password. This not only helps keep would-be hackers at bay, but it can also alert customers to potential suspicious activity so steps can be taken to further secure their account.

As devices age, companies and manufacturers often roll out bug fixes and new features to devices that usually update when connected to WiFi. However, there are a number of devices that still require users to proactively select the “update” button. Monitoring for these updates ensures that deployed devices are updated, and any known vulnerabilities have been patched.

By in large, the messaging and anecdotes the security dealers, integrators and professionals have relied on hasn’t changed. Installed and deployed smart home security systems do in fact help safeguard clients from visitors of the unwanted variety. One of the most significant differences today though, is that these systems are now also capable of helping keep digital or “internet intruders” at bay through robust security protocols and networking.

When security dealers understand the relationship between securing the individual devices they are deploying, as well as the network as a whole, they are best equipped to provide the highest level of service to their clients, now, for many days to come.

Mitchell Klein, Executive Director, Z-Wave Alliance and Director of Strategic Partnerships, Silicon Labs