Smart elements in households are more and more wide-spread, but only a few are thinking about their security. As you would not leave the front door open, so you would not leave the virtual ones open as well. An uninvited “virtual guest” can cause a lot of damage and nothing needs to disappear from the house.
Majority of home automation systems will fail because of security
Nowadays, much is being discussed about IoT gadgets. However, we forget about home automation systems that have been on the market for a few decades. These systems easily work without being connected to the internet. Nowadays standard, however, is the remote control via internet. Any this is the biggest threat. These systems have security against data leakage and hackers at a very low level.
In order for a layman to understand, remember that any devices (computers, smartphones), including smart-home systems that are connected to a home network, are not directly visible on the internet – a public network. By being hidden beyond a so-called firewall (router) they are well protected from hacker attacks. Therefore it is important to have the firewall always turned on on the router and to have the home network well secured (complex password, updated software).
In case that you want to communicate with your smart home system remotely via internet, for example if you want to check temperature at home during vacation abroad, conventional smart home systems use two ways for that – Port forwarding a VPN.
Port forward is a way where the device is accessed directly on a public network. This device is not protected by a firewall and it is extremely vulnerable. If, moreover, the communication is not encrypted (which is the case for most conventional systems), anyone can capture the username and password, which can endanger the security of the entire home network.
Another way to control your smart home remotely is through a VPN – virtual private network. In this case the terminal device (e.g. smartphone) connects to the home network from the outside and behaves as if it was directly within the home network. Disadvantage of this way is its complicated setup and great vulnerability when configuration, for which a specialist is mostly required, is neglected.
Additionally, if a VPN security is breached, the hacker will have access to every single device that is connected to the home network. Thus the hacker will control not only bulbs or switches, but also the desk computer.
With both variants, a so called public static IP address is required, which may mean unnecessary monthly charges.
Is there a smart home system which thought about security in development?
Home security and smart home solutions can go hand in hand. An excellent example is the Czech-Slovak home automation system Domotron. It uses the most secure cloud system that is used to remotely control the household and setup of connected devices. In order for us to understand how communication security in this smart home works, we will first explain the communication style of each technology with the central unit and the cloud.
The heart of Domotron is a central unit, to which all home technologies are connected using special cabling. Offline control is a standard in the complex home automation systems segment. The whole system, as well as technologies control fully works without connection to the internet. This fact itself means that the household is secure. No hacker can access your home without internet.
Household with Domotron system is however connected to a cloud through the internet. Cloud service expands the basic functionality of the product. Thanks to this you can control technologies remotely, back up configurations or connect voice assistants to control the household with your voice.
Communication between the user, cloud and central unit does not work directly. In addition to it being a secure encrypted connection, the domestic headquarters communicates exclusively with Domotron cloud in a way that the cloud headquarters continually detects whether the user has not created a demand.
Communication between the cloud and the central unit does not require special settings, port forward, VPN, static IP address, or any other requirements that would reduce the security of the entire home network.
The user gets to communicate with Domotron cloud through the smartphone application and does not connect to his network or central unit at home. Hackers will simply not get to any data or devices at home. And we have not yet remarked that no one has ever been able to break this security.