Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Whitepaper
  • News
  • About us
Apac

  • Admired Tech

    Agile

    AI Healthcare

    Artificial Intelligence

    Augmented Reality

    Aviation

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Digital Transformation

    Drone

    HPC

    Infrared

    Internet of Things

    IT Services

    Marine Tech

    Networking

    Plastic Tech

    PropTech

    Robotics

    Sensor Tech

    Simulation

    Smart City

    Software Testing

    Startup

    Storage

    Unified Communication

    Web Development

    Wireless

  • Automotive

    Banking

    Capital Market

    Construction

    E-Commerce

    Education

    FinTech

    Food and Beverages

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Travel and Hospitality

  • CISCO

    Google

    IBM

    Microsoft

    Oracle

    Salesforce

    SAP

    ServiceNow

  • Business Intelligence

    CEM

    Cloud-based Planning

    Cognitive

    Collaboration

    Compliance

    Contact Center

    Content Management System

    Corporate Finance

    CRM

    Custom Software Development

    Data Center

    Digital Signage

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Communications

    Enterprise Performance Management

    ERP

    Facility Management

    Field Service

    Fleet Management

    Gamification

    HR Technology

    IT Infrastructure

    IT Service Management

    Managed Services

    PLM

    Procurement

    Project Management

    RegTech

    Revenue Management

    Sales Tech

Menu
    • Augmented Reality
    • Aviation
    • CISCO
    • Cloud-based Planning
    • Compliance
    • Contact Center
    • Digital Transformation
    • Enterprise Architecture
    • Field Service
    • IoT
    • IT Service Management
    • Manufacturing
    • Retail
    More
    Field Service IoT IT Service Management Manufacturing Retail
    #

    Apac CIO Outlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIO Outlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Networking
    Editor's Pick (1 - 4 of 8)
    left
    The Network Economy, Fibre Investment and a Better Place to Live

    Gary McLaren, CTO, Hong Kong Broadband Network Limited

    What is CLOUD doing to our networks?

    Sam Schoelen, Chief Information Technology Officer, Continental Resources

    Stepping into IT Mainstream with Advancement in Big Data and CDN

    ColinBoyd, VP & CIO, Joy Global Inc

    Connect, Engage, Disrupt-XaaS and the Power of IoT

    Charlie Isaacs, CTO, IoT, Salesforce

    Software Defined Networks and Network Function Virtualization

    Massimo Rapparini, CIO, Viavi Solutions

    Software Defined Networks- A New Spine for IT

    Scott Fenton, VP & CIO, Wind River

    SD-WAN is Rapidly Changing the Business Networking Landscape

    Jim Clarke, Director, Global Connectivity and Networks, Telstra

    Different Aspects of a Multi-Cloud Environment

    Faisal Yahya, Head Of IT, PT IBS Insurance Broking Service

    right

    Secure Smart Homes Need Control on Site, not in the Cloud

    By Simon Hunt, CTO - Home Gateway Security, Intel Security

    Tweet
    content-image

    Simon Hunt, CTO - Home Gateway Security, Intel Security

    The smart home and the Internet of Things in the home are increasingly newsworthy lately, and for good reason. Who can deny the attractiveness of the “digital butler” experience—as your smart home saves energy and makes life more convenient? Automated lighting, learning thermostats, Wi-Fi enabled door bells with cameras, and smartphone notification that you left the garage door open: Most of us would find these features valuable.

    With this convenience, though, come additional risks, such as the handy two-way Wi-Fi enabled baby monitor that was hacked to allow an individual to shout profanity at the sleeping child, and the reported attacks against home routers to modify DNS settings and steal personal information. We also eagerly await the discoveries from DEFCON 2015’s IOT Hacking Village, a competition designed specifically to find vulnerabilities in popular home IOT devices.

    One partial advantage for homeowners is that the current focus of attack is on Internet-connected home IOT devices. There’s no way a remote hacker can gain access to your X10 or Insteon lights if you don’t have an X10-to-Internet gateway, and there’s no way to access your Zigbee door locks unless you connect them to the Internet, or the hacker is standing a few feet from your door.

    Although Internet-connected home IOT devices are obviously valuable, they are not the sum total of the home IOT market.

    Manufacturers are, of course, eagerly pursuing the home IOT market with Internet-connected devices. The idea of remotely controlling and interacting with our homes while we’re away is extremely compelling. Knowing the garage door is open when you’re at work is far more useful than knowing it’s open when you’re in the home, and changing your home heating settings when you know you’re going to delayed (or early), equally so.

    Other advantages to an Internet connection include having weeks of security camera footage stored in the cloud, saving us from having to store the video at home, and the cost savings of moving the intelligence from the individual devices into cloud-based services.

    Cloud connectivity, using someone else’s computer to offload processing, is currently a band-aid to reduce a product’s time to market and decrease the per-device cost. As an example, one of the most popular consumer IOT ecosystems requires broadband connectivity to turn a light on and off, or to open a door, even if you’re physically at home. Yet there’s no technical reason why an Internet service is required to broker a conversation between two devices on the same Wi-Fi network.

    Given that home IOT can be interconnected to various degrees, we should consider the overall risk of the implemented ecosystem, not just the individual devices we install. This risk changes depending on the sophistication of the home in question.

    The disconnected smart home

    If the home has no Internet connection (or there is no bridge between the home IOT devices and the home Wi-Fi/Internet connection), there is minimal risk. Connection schemes such as X10, Zigbee, and Z-Wave are “localized”; a physical presence within their reception range is required. Many automation systems, such as Lutron and Insteon, donot require any Wi-Fi or Internet connection.

    To be hacked, someone has to physically come to your home, a step the smart home security system is designed to mitigate.

    "We also eagerly await the discoveries from DEFCON 2015’s IOT Hacking Village, a competition designed specifically to find vulnerabilities in popular home IOT devices"

    Disconnected devices communicating with a home-only connected hub

    The second case involves home IOT devices that connect to a Wi-Fi hub to allow them to be controlled via PCs, smartphones, etc. One example is Phillips Hue: the individual light bulbs talk via Zigbee to a hub, which connects to Wi-Fi to allow control through smartphones and tablets.An Internet connection is not required to control the system.

    For hackers to compromise this architecture, they need a footprint within the home network.This could be a compromised PC or home router, but they can’t simply come from the Internet and directly attack the home hub.

    Appropriate endpoint anti-malware products assist greatly in mitigating the risk, as does using WPA2 or better Wi-Fi encryption to prevent intruders from gaining access to your home network.

    Internet-connected devices and devices with Internet-connected hubs

    The most risky situation, and the one currently most under attack, allows devices (or their hub) to talk directly to the Internet. The infamous example of the compromised baby camera was simply an Internet-accessible device using default passwords.

    Hacking websites trawl the Internet looking for connected security cameras using weak or default credentials. Any device directly accessible from the Internet needs the highest level of designed-in security and attention, because they are the most accessible and easiest to probe for weaknesses.

    Unfortunately the trend in home IOT is to offer Internet-connected devices. Given the rapid evolution of this market and number of companies competing for a share, information security often becomes an afterthought.

    At the moment, there are few ways to protect such an environment, other than to trust that the device and hub manufacturers have implemented robust security, and that any vulnerability will be quickly patched. However, it may be the homeowner’s responsibility to apply such patches—making it vital that you understand what devices you have, how they obtain updates, and any known vulnerabilities.

    The Future

    The security industry predicts significant changes in the home IOT space during the next decade. Smarthomes are moving from cool to useful, but an Internet outage that knocks out the lights is something the average homeowner won’t tolerate. Processing and intelligence need to move back into the home, under the homeowner’s control, especially for automation and security features.

    Having the intelligence of your home IOT depend on cloud processing will naturally be replaced with a smart “black box” in a closet, perhaps merged with media storage and entertainment features.

    The “smart home” of today is really a dumb home connected to a smart cloud. That must change, as we empower the next generation of homes to be smart in their own right.

    Read Also

    Know How to Sell Networking as a Service

    Know How to Sell Networking as a Service
    NFV and SDN: core units of a modernized network

    NFV and SDN: core units of a modernized network
    SDN Scalability for the Internet of Things (IoT)

    SDN Scalability for the Internet of Things (IoT)
    Know if Your Energy Suppliers Fit Smart Meters

    Know if Your Energy Suppliers Fit Smart Meters

    Weekly Brief

    loading
    Top 10 Networking Solution Companies - 2018
    Top 10 Networking Consulting/Implementation Services Companies - 2018

    Featured Vendors

    PepNet

    Allan De Brincat, CTO

    CISCO Systems

    Brink Sanders, MD, Software & Network Transformation, APAC & Japan
    ON THE DECK

    Networking 2018

    Top Vendors

    Networking 2017

    Top Vendors

    Networking 2016

    Top Vendors

    Previous Next

    Copyright © 2020 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap |  Subscribe

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://networking.apacciooutlook.com/ciospeaks/secure-smart-homes-need-control-on-site-not-in-the-cloud-nwid-649.html