The Security Interview
As with many things that hold your personal data, you (hopefully!) care about how secure your data is. I feel that too often these days, people just trust in the devices and services that they use without pondering some of the wider implications of their security in an increasingly digital information world. It’s something that I think everyone should be paranoid about, and unfortunately too few people are. As such, after much debate with myself, I decided to put the security section of this review before the hardware itself, because to me it’s at least as important as the functionality provided by the Cozify hub, and it should be that important to you too.
I had the opportunity to ask Kimmo Ruotoistenmäki (Founder and CEO of Cozify) some questions on a range of subjects, including security. Some of you may be aware that my day job is in finance. As such, I take data security seriously, even though I’m not a security expert myself. I’ve often wondered how those in different industries feel about security. If the answers Kimmo gave to my questions are any indication, I’m reassured that industries outside finance that handle client data seem to be on board with the idea of taking data security seriously.
WCCFtech: Is the Cozify hub accessible to its owners from the net? If so, what kind of security is implemented to access it and prevent others from doing the same?
Cozify: Yes, the Cozify Hub is accessible to its owners over the net. To make this happen, the traffic is routed through our Cloud.
Short answer to the security question: All traffic on the internet is encrypted, and we use JWT token-based technology to tell authorised UI devices from unauthorised ones.
Slightly longer answer to the security question:
- All communication via the internet (phone to cloud to hub) is encrypted.
- Each hub has a privilege system to list users and their roles. Roles can vary between admin, user and guest.
- After authenticating the user, the UI device will receive a virtual “key chain” to access the user’s hub(s). These keys are used in the communication between the phone and the hub to tell an authorised user from an unauthorised one.
- The solution has been designed in cooperation with industry security experts and we conduct an annual 3rd party security audit on the system.
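The token flow described above, as an added illustration that is not Cozify’s code: the cloud mints a JWT carrying the user’s hub/role “key chain”, and a hub verifies the signature, expiry, hub membership and role before acting. The claim names, the HS256 algorithm, the shared secret and the role ranking are assumptions made for the example.

```python
import base64, hashlib, hmac, json, time

# Constructed demo secret; in a real deployment the cloud keeps this, the phone never sees it.
SECRET = b"demo-hub-signing-key"
ROLE_RANK = {"guest": 0, "user": 1, "admin": 2}   # roles named in the interview (ranking assumed)

def _b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(user, hubs, ttl=3600, now=None):
    """Mint an HS256 JWT; the 'hubs' claim ({hub_id: role}) plays the part of the key chain."""
    now = int(time.time()) if now is None else now
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(
        {"sub": user, "hubs": hubs, "iat": now, "exp": now + ttl}).encode())
    return f"{header}.{payload}.{_b64url(_sign(header + '.' + payload))}"

def verify_token(token, now=None):
    """Return the claims if the signature and expiry check out, otherwise None."""
    try:
        header, payload, sig = token.split(".")
        # Pin the algorithm: the token header must not be allowed to pick the verifier.
        if json.loads(_unb64url(header)).get("alg") != "HS256":
            return None
        if not hmac.compare_digest(_sign(header + "." + payload), _unb64url(sig)):
            return None
        claims = json.loads(_unb64url(payload))
    except ValueError:          # wrong segment count, bad base64 or bad JSON
        return None
    now = int(time.time()) if now is None else now
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return None
    return claims

def authorize(token, hub_id, needed_role, now=None):
    """Hub-side check: valid token, this hub is on the key chain, and the role suffices."""
    claims = verify_token(token, now)
    if claims is None:
        return False
    role = claims.get("hubs", {}).get(hub_id)
    return role is not None and ROLE_RANK.get(role, -1) >= ROLE_RANK[needed_role]
```

A token for hub A says nothing about hub B, and a guest token is rejected for admin actions even though its signature is perfectly valid; both checks belong on the hub, not only in the cloud.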
W: Regarding cloud servers then, I assume these are housed in some kind of high availability data centres?
C: We are currently using Amazon’s data centres in Ireland for IaaS. I believe their SLA for EC2 is 99.95%. We’ve had a very good experience on Amazon over the years with only one service outage in five years.
Keep in mind though that it is much more important to have a redundant and scalable setup than a very high SLA for a single server or server location.
W: So going back to the communication between phone and hub, I’d like to clarify this further. Does the cloud server merely allow the phone and the hub to authenticate each other or is all traffic actually routed through the cloud server? I guess the difference is once my phone is authenticated, does my phone talk directly to the hub for the remainder of that session time or is my phone always communicating to the hub via your servers?
C: The phone and hub will communicate directly whenever they are on the same local network. When you aren’t on the same network and are connecting via the internet, all traffic is routed via our cloud servers, not just authentication. You can tell from the app whether you’re using the cloud servers or speaking directly. If the cloud icon is visible in the top left, you are using our servers; if not, then you’re local.
W: OK, so another security point: you potentially have access to a lot of your clients’ data. Assuming that this data is visible to Cozify and its employees/contractors, what kind of security practices do you have in place to prevent abuse of this data?
C: The data is kept in data centres that have professional security policies. All of our employees and subcontractors have signed a confidentiality agreement and our core developers have Security Clearance with the Finnish government (Cozify is based in Finland).
As mentioned previously, we use several techniques to prevent third parties from snooping on or attacking the system; this is work that we know will never end.
W: Do you data mine this data at all (even if you anonymise it first)?
C: At the moment we don’t really do what I’d consider to be “data mining”. We do access the data to improve the service, fix bugs and give personal assistance/customer support, but we do avoid accessing any detailed data without asking the client for permission first. We also monitor the “health” of the overall system based on the health reports we receive from Cozify hubs.
We do plan to data mine in future to provide better service to our clients. As an example, we could give you tips on how to save energy by comparing stats from your home to average homes in the same area. We can also make more sophisticated automation possible by letting the system learn and adapt to your behaviour. We do anonymise this data when looking for trends in these scenarios though.
One thing I’d like to make clear though: We will communicate our privacy policies as clearly and transparently as possible and ask for permission or inform the user about the use of their data, even when it is being used in an anonymised manner.
We believe that privacy and security are among the important issues in the home IoT area.