Security vs. information. It would seem to becoming a tug of war. More and more access to the information that is needed to do people’s jobs. More and more information available. More and more places you can access that information. More and more risk for the IT Security team.
The same is true for home users and home automation systems. There is a tug of war between what is possible and the risk possible brings. Where the enterprise IT Security team has people thinking about the risks of security for the organization, there isn’t as much energy devoted to home security. Partially because to date there haven’t been IT systems sitting in peoples homes. There won’t most likely be either. Your company laptop carries the corporate security on it, so they don’t have to worry about your home network.
The conflict is there however. First off do you have anything on your home network that someone would want. Or do you have something in your home of value? For the most part hackers want to attack electronic information. But if your home security system can be easily disabled then physical objects can also be at risk. For the most part though we are talking about digital objects. Obviously back up are critical. But what digital objects do you have in your home today?
What is at risk if your home is compromised?
First off this is not meant to be an alarmist blog – scaring people into pulling everything digital off their home network. It is instead a recognition that the market has changed. That the concept of private clouds have three distinct flavors now that are unique and different.
- Home Private Cloud: What you have deployed in your home, even if it is just a single computer.
- Managed Private Cloud: This is a VPC (virtual private cloud) or PPC (physical private cloud) provided by a vendor and not on your companies property.
- Private Cloud: as defined today, an on premise implementation of computing resources.
The problem is the first private cloud, home. There needs to be structured security standards around the concept of home private clouds. Those standards have to be easy to implement and reasonably hard to crack. Personally I think this is a massive market for the companies that offer home security and one they are missing. The Brinks, ADT and other security companies can offer you a managed home network security package. Where the centralized security they offer can be managed by network professionals. They add the cost (say $2 per month) to your existing home security system bill. This gives us step one, centralized initial security. The other thing, is a centralized home security box that is network aware. Managed by the remote security company, a box that smart devices know exists and they request tokens from the box (Kerberos works this way). That way your home security has a level of easy to manage device security.
Complexity and home security won’t work. People don’t like complexity. Our goal when we come home at night is to relax and read, watch TV, make dinner not to worry about remote hackers attacking the family photo store.
Home Private Clouds need to be a standard….