ISP opportunity: Protect the Internet of Things in the home

Consumer ISPs have a unique role to play in sanitizing and protecting the home from rogue attempts to subvert IoT devices.


Hey, telcos! Hey, cable and DSL providers! Here's an opportunity to offer true value-added services around the Internet of Things (IoT).

The IoT has invaded the home with fun, expensive, functional devices that are definitely personal even if they are not portable. Today's IoT home devices are premium products, yet given their practicality, they will be embraced by mainstream homeowners, renters, and even landlords. (Think about the potential synergy between the IoT and, say, Airbnb.)

Where the fun stops is in potential privacy concerns, and there's a value-added role that internet service providers (ISPs) can play in helping ensure an overall security posture for the IoT-enabled home.

Forget Fitbits and Apple Watches and think about the smart thermostat, the connected smoke detector, the digital door lock, the security system, the security cameras. Think about the Amazon Echo smart hub, Samsung Smart TVs with speech recognition, and even the pretty Philips Hue mood lighting.

Personal IoT devices, like those headline-grabbing Apple Watches, use a smartphone as their connection hub. By contrast, most if not all home-based IoT equipment uses the home Wi-Fi network to connect to a cloud-based service provider. That's not universal; by default, the August smart lock talks to a phone via Bluetooth.

Some IoT devices also use Bluetooth for command-and-control. For example, you can pair an iPhone with the Amazon Echo and use it as a remote speaker. In general, however, the true hub of the home Internet of Things is the network router that acts as the DOCSIS head unit for cable or ADSL/VDSL head unit for DSL, with a few wired Ethernet ports and some flavor of 802.11 Wi-Fi in the mix.

All, or nearly all, of the home IoT traffic passes through that device. That includes telemetry sent into the cloud by the IoT devices, command-and-control pushed from the cloud to the devices (often through polling), firmware updates, and so on.

This centralized connectivity also opens the door to several types of mischief. Hackers might try to infiltrate the home router (which is often sitting with its default device password and either a public Wi-Fi network or one with an easy-to-guess password), and once on the network, get to the IoT devices. Hackers might also attack by attempting to compromise the cloud services behind the IoT and cause trouble that way. To pick a third possibility, the cloud service providers backending the IoT products might behave in a not-very-nice way. Certainly, some have expressed fear after seeing what various smart televisions were doing with their data.

There is an opportunity for ISPs: the DOCSIS or ADSL/VDSL device is smart, and working in conjunction with the carrier's data center, it can act as a smart filter, as a kind of automated firewall that understands the customer's smart home and works behind the scenes to safeguard it.

Consider the value of antivirus/antimalware that filters at the carrier level, protecting IoT devices that truly can't defend themselves. The home router could easily detect which devices connecting to its Wi-Fi are IoT (as opposed to laptops, desktops, phones and tablets), and learn which services are allowed to talk to them.

Only Nest's server, for example, should be allowed to poll the home thermostat to see if the consumer is home or away. Only August should be able to push new firmware to the door lock. Only Amazon should be able to see which commands the Echo is processing. But even in those cases, of course, the consumer should be able to block those services at their home network perimeter, confident that the IoT service can't circumvent the firewall.

And heaven only knows who should be accessing the smart TV's microphone. Wouldn't that be a nice feature to add to the home router's control settings page: block the smart television microphone?

With the right consumer-friendly front end, the carrier-based IoT firewall could go a step further, offering the customer an inventory of active devices and the option to require discrete authorization before a new device can go live on the network.
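
The per-device policy sketched in the preceding paragraphs, as an added example that is not part of the original article: a device inventory with authorization before a device goes live, one permitted vendor host per purpose, and a customer block that overrides the vendor allowlist. It assumes the router can already label each flow with its remote host and purpose; the class names, verdict strings, MAC addresses and `.example` hostnames are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Device:
    name: str
    authorized: bool = False                      # customer must approve before it goes live
    allowed: dict = field(default_factory=dict)   # purpose -> the only remote host permitted
    blocked: set = field(default_factory=set)     # purposes the customer has switched off

class IoTFirewall:
    # Hypothetical policy table; class, method and verdict names are assumptions.
    def __init__(self):
        self.inventory = {}                       # MAC address -> Device

    def seen(self, mac, name):
        return self.inventory.setdefault(mac, Device(name))  # quarantined until authorized

    def authorize(self, mac, allowed):
        dev = self.inventory[mac]
        dev.authorized, dev.allowed = True, dict(allowed)

    def block(self, mac, purpose):
        self.inventory[mac].blocked.add(purpose)

    def decide(self, mac, remote, purpose):
        dev = self.inventory.get(mac)
        if dev is None or not dev.authorized:
            return "drop: device not authorized"
        if purpose in dev.blocked:                # customer block beats the vendor allowlist
            return "drop: blocked by customer"
        if dev.allowed.get(purpose) != remote:
            return "drop: remote not allowlisted"
        return "allow"

# Constructed sample data: MAC addresses, hostnames and purposes are placeholders.
TSTAT, TV, CAM = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"

def demo():
    fw = IoTFirewall()
    for mac, name in [(TSTAT, "thermostat"), (TV, "smart TV"), (CAM, "unknown camera")]:
        fw.seen(mac, name)
    fw.authorize(TSTAT, {"poll": "thermostat-vendor.example"})
    fw.authorize(TV, {"video": "tv-vendor.example", "microphone": "tv-vendor.example"})
    fw.block(TV, "microphone")                    # the "block the TV microphone" switch
    flows = [(TSTAT, "thermostat-vendor.example", "poll"),   # vendor polling its own device
             (TSTAT, "other-host.example", "poll"),          # wrong remote for this purpose
             (TV, "tv-vendor.example", "microphone"),        # allowlisted, but customer-blocked
             (CAM, "camera-vendor.example", "video")]        # seen, never authorized
    return [fw.decide(*flow) for flow in flows]
```

The order of checks in `decide` is the point: an unapproved device gets nothing, and the customer's block is evaluated before the vendor allowlist so the service cannot override it.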

The era of the home Internet of Things is upon us; soon, these devices will be in nearly every house, apartment, condo, and even dorm room. Carriers have a unique opportunity to guard those devices, because the IoT's customer is the carrier's customer too. That's a value-add customers would very likely embrace. 

Copyright © 2015 IDG Communications, Inc.
