Smart home and privacy: here’s how to make it more secure

With good smart home products and systems, it is possible to check and set which data may be transmitted to the manufacturer, for example

L ights, music systems, cameras, thermostats, door locks, lawn mowers, roller shutters: More and more can be networked at home. Smartphone or tablet become the control unit, with which the smart device army can be directed via apps.

But as connectivity increases, so does the flow of data, and many consumers are questioning which path the data actually takes and how secure the connections are.

Basically there are different ways to network home equipment. "In many cases, a so-called bridge is used for control," explains Timo Brauer of the technology magazine "Inside-digital.en".

Smart home network: by bridge, locally or in the cloud

Behind this is a kind of distributor for networked devices. "The bridge then connects one or more smart home devices to the Internet," says Brauer. "The smart-home devices, in turn, communicate with the bridge via Bluetooth or special smart-home standards such as Zigbee or Z-Wave in an encrypted way."

Another variant are purely local networks, for which you usually need a router. "In this case, devices are only on the move in the home network and not connected to the Internet at all. The advantage is the very high level of data protection, the disadvantage is the lower level of convenience, because an IP camera, for example, cannot be used remotely in this way," says Arne Arnold of the trade magazine "PC Welt".

Today, smarthome functions can be used to control lamps or radiators, for example

A third option is cloud-only systems. "In these smart home networks, user data and configuration data are also stored on external servers," says Jorg Geiger from the trade magazine "Chip".

"This applies, for example, to systems such as Apple Homekit, Google Assistant or Amazon Alexa." You always have to access the provider’s server to make settings.

More uniformity in the smart home

How secure the data is then on the move depends on both the user himself and the device manufacturer. "In principle, encryption should be used wherever data flows," says Geiger. Although transport encryption for data transfers is now standard. But so far there was no uniformity in the smart home, which made optimal protection difficult.

ILLUSTRATION - To the topic service report of Katja Fischer of 19 April 2021: Everything in the view: A 360-degree surveillance camera is located in the living space so that even absent residents at home don't miss anything. Photo: Franziska Gabbert/dpa-tmn - Free of charge only for subscribers of dpa-Themendienst +++ dpa-Themendienst +++

This is set to change with efforts to introduce a smart-home standard that virtually all major manufacturers and Internet companies, which have joined forces in the Connectivity Standards Alliance(CSA) , support across all industries.

It is called Matter (formerly Project CHIP – "Connected Home over IP") and, in addition to security and reliability, is intended to guarantee that smart devices can work together regardless of manufacturer.

Regardless of whether it's a smart speaker, a robot vacuum cleaner or a router, the security of the smart home devices themselves stands or falls with the firmware updates

"With the devices themselves, security stands and falls with the firmware updates. If these are not carried out regularly, security gaps arise," says Geiger. Especially with older devices, this can sometimes become a problem if the manufacturer discontinues support. But also the WLAN router must always be up to date on the software side and also secured with a strong password.

In addition, consumers should rather rely on reputable providers. "Brand manufacturers are often more concerned about this than no-name and white-label providers who sell their products on Amazon and Co. offer at reasonable prices," says Timo Brauer. In the case of renowned manufacturers, there are usually very regular and usually also automatic security updates.

With low-cost providers, on the other hand, it is often not even apparent where the products come from and where the servers are located. In addition, a separate password should be used for each service and each log-in. "Password managers can help keep track here," advises Brauer.

Good smart home products with transparent data flow

With good smart home products, the consumer can also check and set which data is transmitted. "Often usage data is transferred to the providers as a lump sum. You should be able to object to this when you set it up, and you also have to be able to intervene here afterwards," says Jorg Geiger.

Over the user interface is often also adjustable, whether the access is to be permitted over the Internet at all. "If you exclude this, you also increase the security standard in any case," says Arne Arnold. Such a setting could be useful, for example, even temporarily. A robotic mower, for example, does not need to be accessible via the Internet over the winter.

In the case of surveillance cameras, the videos are often on servers of the manufacturer

If data falls into the hands of others, it usually doesn’t happen on the home network itself. "The gateway for malware is almost always the service of the manufacturer. This is how hackers get access to customer data and ultimately to the devices," says Arnold. The consequences can be varied and ranged from malfunctions to the tapping of user data and passwords.

Smart home: keys and switches must remain

Especially for critical infrastructure at home Timo Brauer advises to always have an alternative tax option at hand. "For example, the smart door lock should additionally be able to be opened with a traditional key and the shutters should be able to be raised manually if the manufacturer’s server is ever unavailable."

Like this post? Please share to your friends:
Leave a Reply

;-) :| :x :twisted: :smile: :shock: :sad: :roll: :razz: :oops: :o :mrgreen: :lol: :idea: :grin: :evil: :cry: :cool: :arrow: :???: :?: :!: