The goal of the 'Internet of Things' (IoT) is to transform people's lives through smarter homes and businesses. As technology continues to make our lives easier, however, a downside remains: a real risk of security breaches. As devices in the home become smarter and connected to the Internet, we are faced with the reality they can be hacked. With researchers estimating more than 50 million connected homes by 2020, developers, consumers and retailers must make protecting customer data a top priority. Fortunately, Thread Group saw the security risks associated with IoT from the start, and as a result, provides protection in every Thread network across a wide variety of applications in the home, including appliances, access control, climate control, energy management, lighting, safety and security.
Smarter Devices
A smarter device typically means more complex and powerful processing within the device. More complex processing generally implies the use of a lot more code and providing connectivity requires the introduction of functionality typically not present in previous devices. This makes a device more vulnerable to the type of exploitation typically associated with larger computers such as desktop PCs and servers. Using a standard like Thread in conjunction with commonly available code libraries can help. Commonly available libraries in widespread use have the advantage of a large amount of peer review. Exploitation can only occur, however, if an attacker has access to a device and can penetrate the device to execute some form of attack. Physical access from an outside attacker is often difficult to achieve in a home. Physical access from an attacker inside the home is much easier to achieve, however it is not usually in the interest of a home resident to attack their own network. The one exception is for financial gain; in this case, the attacker could well be the homeowner. With connected devices, especially wirelessly connected devices, the ability to penetrate a device suddenly becomes a lot easier for both outside and inside attackers.
Connected Devices
The introduction of connectivity dramatically changes the vulnerability landscape of devices, especially when connectivity is based on wireless communication. Wireless communication is not bound by physically located wires. As a result, an attacker has the potential to surreptitiously obtain private and sensitive information or cause disruption simply by being in the vicinity, so communication between devices needs to be secured. In addition, it must be possible for a user to carefully control access to their home network. This is done by authenticating a genuine device and subsequently authorizing the device to become part of the home network and be given the means to communicate securely in the home network.
To summarize, it is safe to say we have entered an age where we need to worry less about the cost of security enhancements and more about the cost of not having it.By leveraging proven security mechanisms along with networking protocols like Thread, we can enhance the security of connected devices in the home.
In part two of this blog, we’ll dive deeper into some of the key security measures being addressed by The Thread Group.