Should we leave automation to the workplace?
Automation is no longer an office-only reality. It’s increasingly entering our home lives. It’s keeping our houses warm, managing our light use — even alerting us when we’re running out of milk. But for all its benefits, is home-based automation safe?
In the workplace, we have specialist security measures. The tech we use — such as automation — endures vigorous research, monitoring and protection by a team of professionals. This is not the case with most home automation.
So, should we be auditing smart home technology in the same way we audit our office automation? How can we ensure security when inviting automation into our homes?
Automation: home vs office
With automated email handling, encryption and data entry, office automation is a staple part of the workplace. It comes in the form of software that you install on existing systems (servers, computers etc.) and tailor to your specific needs. Because it’s often used to handle data (both sensitive and otherwise), its security is integral to its usability.
Home automation is a bit different. With home automation, you need to buy specific hardware as well as manage the software and the network that controls it. So, for instance, to automate your front door lock/unlock, you need a smart, internet-connected door lock. To automate when your lights turn on, you need special, internet-connected light bulbs, and so on.
These items allow you to do things like set your door to unlock whenever your phone connects to your Wi-Fi network. Or you can set your lights to switch on at 6 am every day. Or you can have your fridge send you automatic alerts when you’re running out of milk.
However, the internet connectivity of these products is also where the potential security risks lie.
Measures taken in office automation
Office automation often handles sensitive data and integral functions. If it’s an insecure solution, prone to malfunction, it can cause disruption to a business’s data protection and workflows. So, the software is subject to careful research, monitoring and protection by in-house professionals.
Once the automation is installed and set up, it’s monitored. For instance, the operating system and software logs might be analysed for signs of potential issues.
Plus, in-house security measures keep automation software well protected. This means only authorising the required access for any one user. It means strong password policies. It means keeping the software up to date with updates and patches.
These research, monitoring and protection practices are rarely applied so thoroughly to home automation.
Risks of home automation
Is that much security necessary for home automation? The answer may be yes. There are three categories of risk that unsecured smart homes pose to homeowners.
First, there’s the issue of stability; the likelihood and effects of a technical malfunction. The internet goes down, for instance, or some of your hardware experiences a fault. But what happens when such a fault is with your door lock or alarm system?
There’s also the discussion about how easy it is to hack a smart home. Researchers at the recent San Francisco RSA conference demonstrated how the IoT platform behind smart gadgets provides a weak link. So, if someone accesses our private Wi-Fi, or compromises a single device on our automation network, we risk losing control of the whole system.
The security issues around home automation aren’t just theoretical hackings. Take the Ring revelation, from January this year. This revealed that footage from Amazon’s Ring cameras was being stored, but not adequately secured. This marks a huge risk for users of the smart doorbell in terms of both security and privacy.
It’s not just Ring that’s made home automation headlines as of late. Google’s Nest Home automation platform has also faced backlash this year after the revelation that the hardware has a hidden microphone.
So, home automation has the potential to both watch and listen to our private lives. Breaches do more than invade our privacy — they can make our homes unsafe.
Required care for home automation
It seems clear, then, that there’s a distinct need to audit our home automation as we do our office automation. So, what are the steps we should take to keep our home automation as secure as our office?
First, be patient. With office automation, choosing a solution involves careful research. We need to replicate this when choosing our home automation technology. So, look for quality brands, and then look at their track record for security. Read their reviews and analyse their customer satisfaction. Always investigate the security measures and promises they make as a vendor.
Second, be scrupulous with your own security measures. Use two-factor authentication for your log-ins. Use long, unique passwords — even for your Wi-Fi. Security experts parrot this sort of advice over and over because it’s effective. It might sound like an inconvenience, but this is your home, it’s worth keeping it secure. You should also be sure to install updates and upgrades as they become available. This helps you keep in-built security up to date.
Third, regularly check what devices are connected to your network. If there’s one that you don’t recognise, you may be facing a potential breach. So, you can act before any damage is done. (By changing your log-in credentials and removing unknown devices.)
Finally, prepare for system failure, and have a back-up plan. It could be a power outage, or it could be an issue with the system. It’s a fact of life that sometimes, stuff breaks. So, when your automation is set up, turn it off and see what you can and can’t do. Then, devise a plan for how you would deal with an outage or malfunction.
Keep your home secure
You don’t need to be a security expert or IT professional to ensure the security of your home automation. All it takes is some patience, due diligence and the effort of typing in long, unique passwords from time to time.
As home automation rises, we could be at risk. So, aim to give your home the same level of safeguarding as your office.
Note: we originally published this article here: https://www.cpomagazine.com/cyber-security/should-we-leave-automation-to-the-workplace/