At the Smart Homes and Building Association (SH&BA) “Smart Home Breakthrough Summit” last week, a new Cyber Security Manifesto was unveiled by CONTEXT, a leading European IT market analysis company, and the SH&BA Security Panel.
The Manifesto brings together leading retail voices in the smart home including Intel, Dixons Carphone, Euronics and Deutsche Telekom to discuss industry recommendations for securing the smart home. These principles are designed to ensure consumer trust in the ecosystem.
The Smart Home Security Manifesto comprises the following recommendations for the industry across three categories – data security, data policy and consumer support.
1. The smart home must be secure by design – Security cannot be added as an afterthought. Products and services must be secure across design, development, promotion and maintenance stages, and throughout the entire supply chain.
2. The smart home must be able to authenticate all users – From knowing your heating preferences, to recommending which movie to watch, it is vital that everyone connected to the home network can be accounted for.
3. All data that flows through the smart home must be encrypted – This is especially true of the personal and financial data of users.
4. More must be done to deliver end-to-end security – As most smart home devices and services will connect through the cloud and other data centres, each step must be secure and not endanger the end-user.
5. Companies must adopt transparent data policies – It must be made explicitly clear what personal data is collected and what that data is then used for. Consumers must be told if any company sells their data to marketers or any other third-party.
6. All smart homes must offer the same level of privacy as homes do now. That means when the doors are closed, and the curtains pulled down, no company or person should expect to be able to access any activity of the home owner.
7. All smart home devices and services must be accessible and understandable for all users, regardless of technical prowess – The end-user should never be blamed for a security vulnerability that arises in the installation or the running of a product or service.
8. All devices and services must launch with long-term support – This means regular security updates and on-going support must be made available to ensure consumer peace of mind.
At the Smart Home Breakthrough Summit the SH&BA also released a “Cyber Essentials at Home” leaflet to help consumers, which can be downloaded from the Qonex website, one of the contributors to the advice.