Modern days have created a shift from traditional homes towards Smart Homes encompassed with a variety of connected IoT devices. Newly constructed homes are already equipped with all sorts of equipment that are smart and, in a way, connected to our smartphones, smartwatches or dedicated control units. And for the traditional homes already constructed, several solutions are present and available to be used and installed to turn the home into a “Smart Home”.

When we leave our office or market, we would like to arrive at our home in suitable conditions and this is achieved by turning on air conditioning, heaters, curtains etc. in a certain state depending on the needs. However, there is a catch that you only want authorized individuals to control these smart devices and want to prevent any illegitimate actions from malicious actors. By default, this might not always be the case, this level of security needs to be achieved by performing regular penetration testing, risk assessments, audits etc. to achieve a desired state of security and safety.

One may then ask by securing what, indeed it is complicated as today there are all sorts of technologies, communication protocols such as BLE, ZigBee, MQTT to name a few which are widely used in low-energy consumptions devices and we at SafeKeep can help you determine and optimize the cyber security level by carefully analyzing your ecosystem, by going through the architecture of your solutions and finally putting in place scope and test cases before going ahead with actual testing, delivering results, and ultimately looking to optimize security posture with findings and recommendations.

As a very basic yet powerful example, if not taken care of an adequate level of encryption, timestamp etc. an illegitimate actor can perform what is known in security as sniffing (collecting of real-time data packets) while you are transmitting the signal by controlling your devices, say window strolls using your BLE device and if not configured properly the illegitimate actor can then utilize that same gathered signal and reply utilizing those communication packets sniffed to perform the same task.

Not only can security be an issue on your side but there are concerns that the software and solutions you utilize should have security competence as well. As examples, forcing users to create strong passwords, enforce multi factor authentication for login onto your centralized web application or mobile application to manage smart devices, then furthering security by periodically rotating credentials, and lastly monitoring the activities and alerting users of any anomalies found.

At SafeKeep, we can work with you to achieve better cyber security levels which will ultimately make products in a smart home safer and more secure.