The IoT and Cybersecurity: Important Considerations for Architects and their Clients
By Lorianna Kastrop, Vice President, The Kastrop Group, Inc. Architects
We love our gadgets, don’t we? We have smart phones, smart TVs, and smart watches. Now we have the option to build smart buildings and smart houses. The Internet of Things is catching on fast. More and more of our devices are connected to the internet and when everything from computers and home security systems to baby monitors and refrigerators are online 24/7, they can be hacked. As we learned from the cyberattack that shut down major websites such as Twitter and Paypal last October while targeting the internet host Dyn, our devices can be hijacked for nefarious purposes.
If you like the convenience of these devices and want them installed in your home or office, you may want to consider cybersecurity as part of your decision-making process. Your architect can refer you to a consultant that can provide valuable technical expertise for your project. A recent article in the San Francisco Business Times headlined “The Dark Side of the Internet of Things” summarizes this issue and ranks several installed devices as “Disastrous, Disruptive or Damaging”. These include IP-Connected Security Systems and Climate Control and Energy Meters (Disastrous), Smart Video Conference Systems, Connected Printers and VOIP phones (Disruptive) and Smart Fridges and Smart Lightbulbs (Damaging). Unfortunately, you must be a subscriber to view the article, but if you are a subscriber or wish to subscribe, here is the link: http://www.bizjournals.com/sanfrancisco/news/2016/11/03/internet-of-things-hackers-dyna-attack-cyber-ddos.html
That is alarming and it doesn’t even address the privacy issue, an Orwellian concern that is becoming more real every day. “Wired” published an article titled “Smart Homes of the Future Will Know Us by Our Heartbeats” https://www.wired.com/insights/2014/10/smart-homes-of-the-future/ If that makes you cringe, then maybe you will want to be thoughtful about what you are installing and how much security is built into the device. If you are thinking that it would be cool to have your surroundings and devices programmed to recognize and respond to you automatically, then maybe you are one of the early adopters of this technology.
While we don’t take a positive or negative approach to the Internet of Things, we do want our clients to be informed about their choices. Some of our clients are eager to install these new devices and we will create designs that incorporate them. Others choose just a few options, such as home entertainment systems and wi-fi, but aren’t ready to jump into the deep end with IP-connected infrastructure.
When you are making these decisions, you can start by checking with the suppliers or manufacturers of the devices you are considering installing at your home or business and ask about how much security has been incorporated into them. Some of this information is already available online, and you can use your web browser to access articles regarding device security. Whenever possible, use two-factor identification, such as getting a text on your mobile phone whenever your system has been accessed to verify that you initiated the access. Use complicated passwords that can’t be easily guessed and don’t use the same password on all your devices. Yes, this is an annoyance. There are good password storage applications available, such as LastPass, to help you with this chore.
As architects, we want your built environment to meet your needs. We want you to have access to modern conveniences. In this new world of rapidly advancing technology, we are also learning what is safe to use, and what might pose a concern. It is worth taking time to do the research and make careful choices.