<img height="1" width="1" src="https://www.facebook.com/tr?id=592970107542511&amp;ev=PageView &amp;noscript=1">

IoT and the Security of 75F

Oct 24, 2016 11:25:03 AM

Last week, the internet experienced a large-scale distributed denial of service (DDoS) attack which used Internet of Things devices to propagate itself. The security of IoT has become a hot topic, for within the revolution of IoT lies the opportunity to subvert these devices to become part of a botnet. Out-of-date firmware, default admin credentials, and the sheer number of these devices can leave them vulnerable to attack.

75F believes in stopping these attacks before they start by enforcing correct design policies in the first place. Our CEO Deepinder Singh was interviewed by TechCrunch back in August, where he spoke about the risks of botnet attacks and emphasized ways to protect IoT devices. High levels of encryption, multiple data storage locations, the enforcement of unique login credentials, and a hardened Android front-end are some of the ways 75F ensures security at every level of our system.

Locked Safes & Trunks Indicating Info is Highly Secure

Hardware & Software Security

75F uses a hardened version of Android as a secure gateway to protect all our devices. From a software standpoint, we use a kernel which is not remotely upgradeable and an application which is limited to only the permissions it needs to function. Our devices are thoroughly field tested – this eliminates the need for over-the-air updates which can leave devices vulnerable to attack.

We chose to provide an actual UX interface on our devices for configuration (a touch screen on our gateway, and buttons and an LCD screen on room modules), so there are no open TCP ports. For situations where remote access is required, we enforce the creation of a distinct account and password as part of our setup process to protect against attacks. To learn more, check out our Security and Reliability Tech Brief.

NSA Approved

Our Wireless Room Modules (WRMs) and Central Control Unit (CCU) communicate over a hardware encrypted mesh network – which is considered the most reliable and secure network available. For all communication happening across the mesh network, we use 128 AES encryption - the same level of security used for the majority of online banking.

Communication between the CCU and our cloud servers uses an even stronger level of encryption: 256 AES. It’s the strongest level of encryption available, and it’s approved by the NSA for sending TOP SECRET information.

Thumbs up in approval for the strongest level of encryption available, approved by the NSA for sending TOP SECRET information

Data Reliability

Data reliability means ensuring all data is backed up appropriately. Our backend data as a service provider (DaaS) automatically backs up application and configuration data on an hourly basis, and retain backups for up to 30 days. In addition to hourly DaaS backups, we also back up your data daily in two additional places: the CCU and a separate service provider. Your data is stored in three separate places, ensuring maximum security.

Secure Data Storage

Storing secure data on the cloud is a great concern. For all of 75F’s data storage, we use a database service which uses the Amazon Web Services platform (AWS), backed by Amazon. AWS is one of the most popular cloud storage platforms in the world. Its cloud services regularly undergo rigorous security audits and have completed the requirements of major security certification, which are detailed here.

Central Control Unit, or he brains of the system that replaces the traditional Thermostat

Our database service employs layers of user authorization and authentication, requiring passwords to access all levels of data down to the last row in the database. No data is accessible unless the user is authorized, allowing for precise control. It also uses custom hooks – which are small bits of code required every time a call for data storage is requested. These hooks can be executed before or after a save, delete, or fetch, allowing total control over how and when the data can be fetched or modified. We also report any unidentified packets back to our cloud hosted servers. There, they are analyzed by our central alarming infrastructure, allowing for identification. 

75F has been an advocate for IoT security since the beginning. We believe in stopping botnet attacks at the source by ensuring secure product design and secure gateways which protect all on-premise devices. 75F has taken all the steps to ensure safety and protection against attacks – and as leaders in the IoT revolution, we remain a step ahead.

DOWNLOAD OUR FREE SECURITY WHITE PAPER

 

Pankaj Chawla

Written by Pankaj Chawla

Related posts

Lists by Topic

see all

What Is a 75F Health Check?
The Smart VAV with Reheat System
What Are Our Security Protocols?
Spotlight: Kelly Huang, Videographer
The ROI of Relamping Your Restaurants
75F Ends All Thermostat Wars
Top 10 FAQ's About Our Security
How to Stay Competitive in Retail
Is Data the New Natural Resource?
Smart Thermostat vs. Traditional EMS
75F vs. Energy Management System
What Does 75F Do?
Team 75F Snow Tubes at Buck Hill
75F Happy Hour
2016: Year in Review Video
2016: A Year in Review
IoT and the Security of 75F
Meet the Sales Team
75F Enters India
CEM7 2016
RFMA 2016
Introducing Our Dynamic Team
A 75F Holiday Story
Multiple buildings. One portal.
Spring Recap
What is Dynamic Airflow Balancing?
A Year in Review
A big problem in small buildings