Why Security Vulnerability Needs to be The Connected Home Main Focus for 2015

  • Posted on: 8 March 2015
  • By: Patrick Oliphant

I think security poses the greatest risk to the growth of the connected home market. The many reports of hacking and vulnerabilities in connected home solutions throughout 2014 caused many to raised concerns about the readiness of these solutions for consumers.  I see these issues as signs saying the sector has more work to do to improve security. The good thing is we are still at a stage where we can fix these issues and build better solutions to gain public trust.

In 2014 we had two major hacking incidents which made major news headlines; in one, someone was able to hack a baby monitor and the other a refrigerator.  In the latter part of the year the misfortune cookie vulnerability was discovered by Check Point Software Technologies in many of the world’s popular home routers, and these are just some of the security issues.

Privacy is now a global concern for consumer, especially for those who want the flexibility of the connected lifestyle.  Before, once our house was lock and the alarm activated we would feel our home and contents are protected.  However, the dawning of Internet of Things (IoT), physical intrusion is not necessary for us to lose money or have our privacy invaded leaving us feeling vulnerable.

All connected home solutions, whether it’s a device, software or solutions going on the market need to be re-evaluated from a security stand point. Otherwise we are going to see more embarrassing news of hacking or vulnerability which in turn will cause the public to distrust connected products and services.

I know it is easier said than done when there is the pressure to be first and to get to market quickly.  It is also difficult when the main purpose or feature of the device and solution is ease of connectivity. The sector: chip manufacture, software developer and OEM (Original Equipment Manufacturer) needs to work together and put more emphases on security to give the public more confidence in connected home devices and solutions.

However, leaving it up to the consumer to purchase the relevant antivirus and firewall is no longer an excuse. Because, protecting our home computer is not good enough and no longer applicable when everything in our home has the potential of connecting to the internet and be controlled from there.

The home needs better home gateways not more complicated but ones with better security, with the option to have them updated when vulnerability are discovered. This is where I think TR-069 and IPv6 comes in handy to help keep home gateways and other devices updated without waiting on the consumer to do it.

Some of the responsibility needs to be with the consumer because many are just happy to plug-in see that the device work and that’s it, they never bothered to configure the security. The general public needs to be educated not in a scare mongering way but in a way that they understand what is at stake if device security guidelines are not followed when setting up these devices.