internet of things

How home security is transitioning from a traditional passive model to an interactive paradigm

The professional security market is a mature and stable industry with a proven business model that has successfully worked for decades. In recent years, however, there has been an unprecedented technological revolution that included several factors, such as the advent of smartphones and IoT and the proliferation of cloud-based services all of which has brought improvements in connectivity and new forms of interactivity. This has led the industry towards some major changes.

These changes have caused the traditional security market to shift into more interactive security, providing a combination of professional monitoring services together with interactive capabilities for the end user. According to Strategy Analytics, by 2020 there will be more households with interactive security than traditional security. It is easy to understand why: consumers prefer the capabilities that interactive systems provide. One example is the ability to verify an intrusion with their smartphone after receiving an alert that someone entered the house. While with traditional security, users were passive, and did little more than turn on their alarm when they left the house, with interactive security they have become actively in control of their home s features. Full control But it s not just about security. Interactivity also enables home security solutions to work with other connected living devices, such as smart thermostats or connected light bulbs. This brings together all the benefits of traditional home security with modern, connected, home automation, placing full control of the house into the homeowner s hands. In the words of William Ablondi from Strategy Analytics: Consumers want their security systems to not only protect their families and their homes, they increasingly see them as the foundation of total home control.

Perhaps the path to interactivity started with SMS alerts that warned of a potential burglary every time an alarm went off. But it was the smartphone that turned everything upside-down and set the up-to-now predictable and stable security industry into a furious race towards interactivity. Interactive security has forever changed the traditional business model, and blurred the lines between professionally monitored and DIY security Despite fierce competition, security service providers can now offer the best of two worlds: they get to provide professional monitoring and other traditional services together with new interactive capabilities that make solutions better and more convenient for consumers, allowing them to gain full control over their home, with which they can interact from anywhere in the world. Besides, while the market scope for traditional security was narrowed to homeowners aged over 45 and in the higher-income side of the spectrum, IoT-enabled security has broadened that scope. It has democratised home security, which is now available to all types of users, across all budgets and housing situations, from younger millennials to renters, who can take the system with them as they move to a new house. Also, interactive security solutions can provide service providers with data about user s activity, which could be analysed and used in order to improve user experience and prevent customer churn. Interactive security has forever changed the traditional business model, and blurred the lines between professionally monitored and DIY security, creating several hybrids and flexible, in-between solutions that adapt to the needs of every type of customer, even as those needs change and evolve over time. Although traditional security systems are still in the majority, the exponential growth of interactive solutions shows that interactivity is here to stay and that it will soon surpass the traditional model, fuelled by consumer preferences and the latest technological trends. Free download: The video surveillance report 2017 Sponsored by IDIS The Video Surveillance Report 2017 covers all things video surveillance based on a poll of hundreds of security professionals.

Specifically looking at topics such as open platforms, 4K, low-light cameras, video analytics, warranties and this year due to the growing threat posed, the cybersecurity landscape.

Click here to Download now

Kitemark standard would be a progressive step towards strengthening IoT security

Symantec internet Security threat Report The recent Internet Security Threats Report from Symantec highlights that last year cyber attackers have been fishing for gold in all areas and frequently finding success, as seen by the sheer regularity of breach reports in 2016. While malicious emails and ransomware continued to wreak havoc on businesses and consumers alike, the study again highlighted new threats coming into the spotlight thanks to the increase in usage of connected devices. In an era where data is becoming the new currency, all personal and professional data needs to be properly protected especially with GDPR regulations fast approaching.

As more businesses take advantage of the benefits the internet of things (IoT) can bring to their business, they also need to utilise technologies available to them such as machine learning to help analyse and help detect and improve weaknesses in a network and spot abnormal activity when it occurs. We can expect various forms of attacks to continue to increase. There is no excuse not to be prepared. As we continue to see the exponential growth of connected devices, we will continue to see security issues that we hadn t even considered before, such as the Mirai botnet of 2016. Lessons will clearly be learned such as avoiding hard coding IP addresses, use of default password, while many of the protocols designed for smart connected devices will have their own potential flaws and vulnerabilities which organisations will have to tackle. Online Trust Alliance (OTA) To help make securing internet-connected devices easier for businesses, the Online Trust Alliance (OTA) has produced a framework in IoT security, offering guidance on how to secure embedded devices. This introduction of a kitemark standard for IoT devices is a progressive step towards ensuring safe practice is followed and that security of such devices against these types of hacks is stopped at source. In short, we can expect various forms of attacks to continue to increase. With this knowledge there is no excuse not to be prepared.

Cybercriminals are entrepreneurial, well-sourced and motivated and Symantec s report once again demonstrates that the threat of attack is a growing problem. Organisations and consumers need to be wary of attacks, as the damage could be far greater than just financial and reputational. Organisations must now realise that they can no longer afford for cybersecurity not to be their number one priority. Ensure a solid security strategy at Borders & Infrastructure Expo Join other high-end security professionals at the launch of Borders & Infrastructure Expo, in conjunction with Europe s most renowned security event, IFSEC International, addressing your critical needs for large-scale security projects. By attending, you ll access leading security providers showcasing the latest advancements in both physical and cyber solutions.

Click here to register your place now to join us at London Excel on 20 22 June 2017.

Internet of things bubble will burst in 2017, predicts Wired Magazine

Internet Of Things Bubble Will Burst In 2017, Predicts Wired Magazine

IoT trends Wired magazine has prophesied the demise of the internet of things (IoT) in 2017. As predictions go it s pretty bold given sales of internet-connected devices already number 12 billion worldwide and are projected to grow to about 30 billion by 2020. On the face of it, the tech bible has really stuck its neck out on this one.

Except Wired hasn t actually forecast the demise of internet-connected devices per se ; rather, it s the IoT term itself it believes is on borrowed time, along with an assumption associated with it: that no object, however mundane, cannot be improved with a computer chip. The Internet of Things was a made-up term to begin with, says the article in question. And now this bit of marketing nonsense carries a sheen of ineptitude, danger, and other shit. The upshot: the term will die in 2017, kinda like Big Data before it. Visitors to CES 2017 in Las Vegas test out some VR headsets The success of a Twitter account called the Internet of Shit, which tweets disparagingly about the myriad IoT devices being launched to more than 100,000 followers, augurs ill for the IoT, says Wired. To test out just how widely the IoT concept was being applied to everyday things , I drew up a list of the most mundane objects I could think of and Googled them with the prefix smart . Of the seven I Googled, four had already been enhanced with a computer chip and Wi-Fi connection (in the IoT camp: toilet roll holder, duvet cover, cushion and mirror; still stuck in the analogue age are sofas, breadbins and shoehorns). Yeah baby shove my smartphone in a 20lb bottle of water with a speaker or whatever #CES2017 pic.twitter.com/4yjkvXPPR6 Internet of Shit (@internetofshit) January 7, 2017 The other problem and one exacerbated by the sheer volume and range of IoT products is the cyber threat. If the media has played its part in hyping up the IoT, then it will also play a key role in facilitating its decline thanks to the slew of stories about the security risks posed by connecting your home.

Long focusing their fire on corporations albeit it s consumer data that is usually stolen tech writers and security experts are now warning of a frightening new spectre: that criminals will turn their attention to smart homes that lack the enterprise-grade security enjoyed by Fortune 500 companies (which is still shown to be lacking in so many cases). Wired noted that in September, nearly 1.5 million IoT devices (mostly surveillance cameras) were hijacked and that the following month, the same piece of malware rendered large swaths of the internet inaccessible to many people. The IoT has also been damaged by bricked devices, irritating outages, bankrupt startups, an international emissions testing scandal, and a viral story about a Brit who spent 11 hours trying make tea with a needlessly high-tech kettle. Aware of this perception the IoT industry has been scrambling to remedy vulnerabilities such as the widespread use of default usernames and passwords that hackers can easily find by trawling Google. At CES 2017 Symantec Norton unveiled what it claims is the most secure router in the world and is certainly one of the most aesthetically interesting. A geodesic orb, it looks like it could be an object of portentous power in a sci-fi fantasy film. Symantec Norton s Core Router Securifi, meanwhile, launched a mobile app that highlights vulnerabilities like easy to guess passwords or open ports and shows users how to remedy them. The next-generation of Bitdefender BOX was launched in Las Vegas too. Bitdefender s IoT security hardware protects against malware, hackers, ransomware, phishing and other online threats with data anonymization, malware scanning, machine-learning algorithms and network intrusion prevention technology.

Clearly, the IoT has been on the well-worn path followed by so many tech crazes. First, there s a lot of hype, but also considerable teething troubles where products malfunction or work less effectively than promised. Developers don t yet know what customers want from the tech, so there s a lot of trial and error and dud technology (that people later mock with the benefit of hindsight). Eventually, issues around usability and compatibility and cyber security will be remedied to a large degree and a clearer picture will emerge of what the IoT or whatever it is called by that time is for and what kinds of things can really benefit from internet connectivity. As Wired writes: The Internet of Things or whatever you want to call it has the potential to save precious resources, spot and fight pollution, and help people lead healthier, safer lives. But adding internet remote control to every single product on the market won t necessarily help us get there. What we need are thoughtful, affordable, durable devices that actually, y know, make our lives better. A new name, and a renewed sense of purpose, could be just what the Internet of Things needs. Click here to read the original feature in Wired, which also makes another four tech predictions for 2017.

Download: The Video Surveillance Report 2016 This exclusive report covers the security needs of surveillance systems as shaped by the physical environment including: What do security professionals think about plug-and-play systems Challenges like low-light conditions or large spaces and the threats posed in various sectors Which cutting-edge features such as mobile access, PTZ smart controls or 4K resolution are most important to security professionals What are the most important factors driving upgrades and would end users consider an upgrade to HD analogue Download the full report here.

“IoT can be a force multiplier for physical access control”: Q&A with Allegion CEO

“IoT Can Be A Force Multiplier For Physical Access Control”: Q&A With Allegion CEO

Dave Petratis, the president, chairman and CEO of Allegion, joins IFSEC Global in conversation about his own company s IoT-angled direction of travel and potential applications for the internet of things on the wider industry. Founded in 1908 Allegion operates in more than 120 countries through 31 global brands including CISA, Interflex, LCN, Schlage and Von Duprin. IFSEC Global: What is Allegion doing right now in terms of IoT products and services?

Dave Petratis: Innovation is one of Allegion s five strategic growth drivers, and the internet of things continues to be a prime focus for us as we expand our connected portfolio in commercial, multifamily and residential markets. We ve seen the most demand for this in the Americas region, but there is a rising global interest around IoT products. By early next year, we will offer a complete suite of connected cylindrical and mortise locks in the commercial market as part of our ENGAGE technology platform strategy. The Schlage NDE and LE Series wireless locks are designed to reduce the cost of managing physical access control and are able to be installed in minutes. These solutions work with the systems that end users already have in place to extend the benefits of greater security, lower cost of operation and higher user convenience to more doors deeper inside the building. Allegion has also created Schlage Control Smart Locks as the next generation of electronic access for the world of multifamily. Property owners can use Control to manage both residence and common area doors on a single, superior system and from anywhere using cloud or web-based apps. Residents can use smart cards and phone credentials to unlock their doors. For our residential customers, we are very excited about the opportunity we see with our HomeKit-enabled Schlage Sense.

It s one of the strongest, most intelligent Bluetooth-enabled locks on the market, with the highest industry rating for security and durability. In Europe and Asia Pacific, SimonsVoss is revolutionising the small and home offices market with MobileKey, which launched earlier this year. MobileKey is an intelligent access control system that allows app-based management for authorisation, time schedules and remote access of up to 20 doors and 100 users. CISA recently announced eFAST motorized panic exit devices, which can be connected to the SimonsVoss MobileKey system and managed electronically. Allegion is continually monitoring the market for new, disruptive technologies that will benefit our customers globally. IG: In what ways do you expect IoT to transform physical security in the coming years? DP: The costs and logistical challenges of managing historically complex physical security systems should be reduced in coming years with IoT technology. Expectations regarding IoT solutions will also mature, and there will be a heightened emphasis and importance placed on the next-generation technology being implemented properly. The IoT can act as a force multiplier for physical access control when implemented properly and that experience is going to be more important than ever.

That s because, when not done properly, the negative exposure can be significant. IG: In what ways do you expect IoT to change the role or business model of installers and integrators? DP: Installers and integrators will become increasingly more important. It is good to think of them as the conductors of a symphony of new devices and functions. All those devices make a lot of noise and dissonance independently. With a good conductor, they can make great music or a great experience together. IG: To what extent is there a danger that overreliance on IoT will create as many new security risks (ie, cyber) as those it solves or reduces? DP: Security risk concerns are already present. Careful planning by a trained professional who understands the core principals of physical access control is the best way to address those.

There is no substitute for experience, and nothing is 100% secure. Ultimately, it s about balancing security with convenience and having a plan for possible risks. IG: Do you have any other comments on IoT, the security industry generally or Allegion? DP: Allegion s focus has been and continues to be pioneering safety and security. This is an incredibly dynamic time for our industry, with great opportunity and excitement. Allegion has been involved with the IoT from the beginning and will continue to adopt new technologies that benefit our customers. We are a security company first, and will work to carefully deploy the best technology the right way, in the right environments.

Download: The Video Surveillance Report 2016 This exclusive report covers the security needs of surveillance systems as shaped by the physical environment including: What do security professionals think about plug-and-play systems Challenges like low-light conditions or large spaces and the threats posed in various sectors Which cutting-edge features such as mobile access, PTZ smart controls or 4K resolution are most important to security professionals What are the most important factors driving upgrades and would end users consider an upgrade to HD analogue Download the full report here.

How smart home security systems can create as well as reduce security risks

How Smart Home Security Systems Can Create As Well As Reduce Security Risks

If asked the question, Does your home security system increase your risk? most of us would scoff. After all, risk is precisely what home security systems are purpose-built to stave off.

Many of these systems are highly proprietary, so even the InfoSec savvy might not think about the kinds of exploits that work on more typical systems being effective on systems such as these, but it couldn t be further from the truth. Think about it: the system communicates data somehow, and that method of ingress and egress is a vector for attack. While your home security system might alert the fire department of a problem, it might also alert an actor (This is the term currently in-vogue for a cyber attacker who might utilize social-engineering combined with an acute technical prowess in order to pull off their nefarious deeds) that you re not currently at home. When it comes to breaking encryption, brute forcing the key space yields a 100% success rate The answer to the question posed above is that your high tech lighting systems WIFI-enabled safes, and motion detecting cameras all both mitigate some risks and expose you to others. There is simply no way around the fact that the iron-clad system of today is not safe to the ingenuity and computing power of tomorrow. (Don t forget that when it comes to breaking encryption, brute forcing the key space yields a 100% success rate.) Ageing systems Manufacturers for these systems especially rarely release firmware updates, doing so would run the risk of alienating their less than tech savvy customers. Even worse, a lot of ageing systems are out there and though they might have been a good purchase at the time, unless someone stays constantly vigilant to new threats problems are bound to arise. Less than a decade ago, the idea of a trusted network was standard practice. Now, with an uptick in attacks and no shortage of targets, we know this assumption to be folly. At the time, if you d purchased a system that communicates internally via radio frequency mesh network, and externally via GSM modem it would have been downright state of the art.

The manufacturer would have (and should have) patted themselves on the back for coming up with a system that doesn t even live on the same TCP/IP network running the meager computing equipment you had at the time. However, nobody is going out to purchase a new home security system after 10 years. People still haven t gotten used to the idea that technology runs on a different clock. Some might have expired medications older than that. Does that mesh network use encrypted communication? If it does, does it still use 1024 bit RSA keys? How far away would you have to be to snoop that traffic? Does an extended exist today that didn t exist then that would allow you to sit across the street? If not, will it exist tomorrow?

Introducing anything into our environment, even our home environment, incurs technical risk and technical debt, which must be paid off in the form of risk assessment and risk evaluation These are the sorts of questions worth asking, as introducing anything into our environment, even our home environment, incurs technical risk and technical debt, which must be paid off in the form of risk assessment and risk evaluation. Worse, there is a constant balance that needs to be maintained when putting the user in control of the update schedule. Perils of automatic firmware upgrades Any update has the potential to introduce problems as well as solve them, including vulnerabilities to attack. Completely automatic firmware upgrades on these sorts of embedded devices seem very tempting, but can unknowingly put the user at risk later on. Even if you do keep all of your equipment up to date, attacks are getting more sophisticated. Perhaps someone is able to install a modified firmware onto a device forcing it to act as a gateway a means of communicating from one network paradigm to another. Many manufacturers of Internet of Things devices include something like this on purpose in order to add functionality without rendering older hardware obsolete. To return to my earlier example, Phillips Hue works over the ZigBee protocol (notorious for being very poorly encrypted) for inter-bulb communication, ultimately tying back to what they call their bridge which is, at the hardware level, merely a gateway that translates back and forth between ZigBee Mesh Network and TCP/IP over Ethernet . The August Smart Lock offers the August Connect , which is merely a gateway that translates back and forth between your Bluetooth enabled lock and your Ethernet network by means of connecting to your WIFI.

Should these devices be compromised in the future by a savvy attacker, they could be reprogrammed to act in promiscuous mode and interact via web calls to other devices on your network. Of course, all of these attacks rely on imperfectly implemented or later compromised encryption and digital signature. It is the common denominator among all of these doomsday scenarios. It is why the role of the Certificate Authority continues to be so vital, scrutinising and trusting the public keys which make these systems function. Computers are binary systems, but the risks that we incur are not This is a scary reality we live in, and it is a fact of life that we will operate trusting entities transitively at some point. By trusting any system of importance, you are trusting not just the company that sells you the system, but the person installing the system, several people flashing firmware onto the device at the factory, that the company has good hygiene related to its master keys, that the machine it compiled its software on wasn t infected, that the compiler used to compile that software wasn t compromised at some point, and so on. Computers are binary systems, but the risks that we incur are not. They occur on a spectrum, and while it is a good shorthand to refer to something we can point at as inadequate and call it insecure and something state-of-the-art and call it secure , these are illusions. Something can only be more secure or less secure , and products that mitigate risk also can produce other headaches.

Unfortunately there s no perfect answer to a lot of these concerns. Just like playing the stock market, each consumer needs to decide what degree of risk they re comfortable taking on. It s up to all of us though to not encourage users to leave all the work to the professionals . Each person needs to be aware of what could happen, and what does happen every day. Download: The Video Surveillance Report 2016 This exclusive report covers the security needs of surveillance systems as shaped by the physical environment including: What do security professionals think about plug-and-play systems Challenges like low-light conditions or large spaces and the threats posed in various sectors Which cutting-edge features such as mobile access, PTZ smart controls or 4K resolution are most important to security professionals What are the most important factors driving upgrades and would end users consider an upgrade to HD analogue Download the full report here.

Smart cities and the internet of things: Fire safety installers harbour doubts about industry s readiness

Smart Cities And The Internet Of Things: Fire Safety Installers Harbour Doubts About Industry  S Readiness

About two in five installers of life safety equipment (39%) believe the industry is ill-equipped to meet the needs of the smart cities of the future, according to a new report. Commissioned by Hochiki Europe, Smart Cities: Building Life Safety into the Urban Landscape also revealed that 57% of fire safety installers weren t even aware of the concept of a smart city . Wikipedia defines a smart city as an urban development vision to integrate multiple information and communication technology (ICT) and Internet of Things (IoT) solutions in a secure fashion to manage a city s assets the city s assets include, but are not limited to, local departments information systems, schools, libraries, transportation systems, hospitals, power plants, water supply networks, waste management, law enforcement, and other community services.

Through the use of sensors integrated with real-time monitoring systems, data are collected from citizens and devices then processed and analysed. The information and knowledge gathered are keys to tackling inefficiency. Urban planners are only now scratching the surface of how advanced communications infrastructure can help enhance life safety provision to city residents. Simon May, Technical Manager, Hochiki Europe However, almost half (48%) of the installers polled said they felt confident that the life safety industry would be equipped to keep people safe as cities became smarter . A further 18% believed the citizens of these so-called smart cities would be safer than those living in less or non-smart cities. With smart cities now a focus for many global planning authorities given their potential to improve the sustainability and liveability of the built environment, urban planners are only now scratching the surface of how advanced communications infrastructure can help enhance life safety provision to city residents, said Simon May, Technical Manager at Hochiki Europe. Almost a quarter (24%) of those polled thought consumer demands for a connected, efficient and sustainable environment would drive the market. The most important aspect of a smart city, according to nearly a third (31%) was a metropolitan area planned with residents health and wellbeing in mind. Just over a quarter (26%) prioritised greater communications connectivity, while almost a fifth (17%) thought sustainability would be top of their agenda.

Asked to list the sectors most affected by smart technology, one in four (24%) installers thought facilities management would feel the greatest impact, followed by the life safety sector on 18%, the healthcare sector at 12%, education at 11% and construction at 10%. Examining the value of smart technology in city planning provides a breadth of information to help explore the impact of smart cities on life safety, both in terms of the possibilities they offer and the challenges that will need to be addressed to ensure we succeed in further improving fire safety in the built environment, continued May. In doing this, we can make sure every area of the sector is equipped to face the future, laying the foundations to deliver an even safer urban landscape that everyone can enjoy. Smart Cities: Building Life Safety into the Urban Landscape was based on the views of hundreds of installers across EMEA and India. Click here to download Smart Cities: Building Life Safety into the Urban Landscape by Hochiki Europe Download: The Video Surveillance Report 2016 This exclusive report covers the security needs of surveillance systems as shaped by the physical environment including: What do security professionals think about plug-and-play systems Challenges like low-light conditions or large spaces and the threats posed in various sectors Which cutting-edge features such as mobile access, PTZ smart controls or 4K resolution are most important to security professionals What are the most important factors driving upgrades and would end users consider an upgrade to HD analogue Download the full report here.