Unhacked. Safety and Security with Z-Wave

Unhacked. Safety and Security with Z-Wave

For every three presentations from this year's CES that we've been seeing on new Internet of Things (ioT) devices and services, there seems to be a blog or Internet article about hacking a particular device, complete with a demonstration. So what does that mean for us with connected homes? Or worse, for the person surfing the sales literature for a new system. Do these new claims of hacking mean that connecting more devices leaves you more vulnerable to hackers? Should you throw away your z-wave controller? Skip on that z-wave device remote? Turn off your z-wave thermostat?

There is no reason to go crazy. Thwarting thieves is no different now than when people first had something worth stealing. A thief will get in, no matter what you do. Your job is to make it take longer than it is worth it for the perpetrator. That could mean with a hardware lock, sturdy door, or secured network.

Keep your Z-Wave network safe, if home or away.
At Home . . .

The first line of protection for the home automation user is the same that it's always been; control of your wireless network. Whether you have a WINK and a few wireless light switches, or a complete Homeseer setup comparable to NASA's mission control, keeping you and your family safe starts with network basics.                                                        

  • Don't broadcast your WiFi address. Your mobile devices or home automation interface connect through the internet, which then uses your home WiFi or cabled internet connection to talk to your hub. Don't allow network access by the neighbor snoop by hiding your wireless router. Uncheck SSID in your router's options or check your router's instruction manual for more information about making your router invisible.
  • Password protect your Wireless Router. Hiding the router may prevent the neighbor kid from pranking, but it probably won't stop the thief intent on breaking your home network. Make sure you use the encryption that comes with your router. Again, check your router manual for the best for you, or connect with a few message boards about your particular model for best practices. Making sure you use a unique password on your router blocks an easy route for hackers, but this step is ignored by many users.
  • Keep it secret. Keep it safe. Face it. You love your home automation. But showing it off might get you in trouble. Be careful who has access to your door codes, remotes and fobs. Lots of obvious security items might make thieves curious what you have inside and could potentially make you a target. The best kind of smart home has devices that blend seamlessly into the environment, and any security devices should follow this trend. Also with your home network, be mindful of who has access to your WiFi network. Use a masked guest access point for visitors and clients so you are only responsible of keeping your own smart devices safe.

While Away . . .

If you use the same thinking how you would thwart a pickpocket, you're on your way to protecting your smart home data.

  • Safeguard your phone using passcodes. A Smart App allows remote access to your home automation through your gateway or controller. Be sure this app is secured by locking both your phone AND the app with a unique password. If the App has such a feature, have a time out that signs you out of the the App if its unused for more than 20 minutes. Learn how the App works with your privacy, and share only the details you will need to make the device work. Consider each (push notifications, using your contact book, automatically connecting to any available WiFi network, etc) before activating. Another word about Apps . . . are you sure of the privacy agreements of any of those other 3rd party Apps you downloaded? (Flashlight, Calculator, Coupon Finder, etc). Think of how any possible leak of information could harm your smart home.
  • Keep your devices close. Don't let just anyone use your smart device. If your phone is on the fritz, will that repair guy in the mall peek through your information while fixing a cracked screen? Most retail outlets have exemplary safety records, but be mindful of your phone the same way you would with your bank card, or car/house keys. Don't mistake the reputation of the corporation (Apple Store, Best Buy, etc) for the fallibility of the individual employee.
  • Keep your devices even closer. If you access your smart home from a public source (internet cafe computer or public WiFi hotspot), take extra precautions against phishing and prying eyes. It's great to check in while on vacation to get some peace of mind, but in the back of your mind think internet safety. Clear caches, guard passwords, and consider changing passwords when you get home from your trip.
So, what are the odds that someone would follow you around on vacation to catch the password to your home automation controller? How about waiting outside your back door with a thousand dollar device to pick up codes when you operate a door lock? Do you think the mall employee would get your home address so he could stop by and jam your door and window sensors? Probably not any more than a house guest would chose your home for a robbery after one or two visits. But protecting yourself against potential attacks makes the chances even less.

Hacking into a Z-Wave network is not very likely. Z-Wave offers a unique Network ID, in combination with encrypted communication, to keep your home secure. It would require some advanced information and some technical skills beyond those of the common thief. It is not on the same frequency of other devices (WiFi, Zigbee, etc.) which further insulates the protocol. Use some common sense tactics, limit the exposure of your home automation information, add some traditional security measures, and you will be very secure with Z-Wave.

If you are looking for your Z-Wave home controller to provide security for your home in lieu of a wired security system, please look for the upcoming blog WAYS OF SECURING YOUR Z-WAVE HOME coming soon.
Back to blog