Q&A with Tom Srail
Tom Srail, Willis Group, Regional Industry Leader, North America, Technology, Media and Telecommunications
Q
Many people are turning to Web-based home security systems. Are there cyber security concerns they may be overlooking?
A
When it comes to your doors and windows, you have to worry about your local neighborhood criminals. When it comes to automating everything in your home, that opens it up to the whole world—hackers and others who wish you ill. When you want to unlock your door with your iPhone or Android, you hook up through the Internet. Once you do that, you open yourself up.
Q
What kind of equipment is vulnerable? Door locks, video cameras, thermostats, lighting?
A
Anything that is computerized and connected becomes vulnerable. A lot of these devices are using wireless or remote technology, Bluetooth and Wi-Fi, to connect your thermostat to your garage door opener to your door lock to your video cameras to your entertainment system and lighting and shades. Like any other computerized device, when you network something for convenience you open it up to other people. Passwords and encryption are great tools, but nothing is foolproof.
Q
Are there other concerns?
A
The back-end storage of data and the privacy impact of that will be of keen concern as well, whether that be passwords or biometric information, how much water or other energy you’re using, what level you set your thermostat at. Some of that information is more sensitive than others, but the storage and selling of that information is a concern.The back-end storage of data and the privacy impact of that will be of keen concern as well, whether that be passwords or biometric information, how much water or other energy you’re using, what level you set your thermostat at. Some of that information is more sensitive than others, but the storage and selling of that information is a concern.
Q
How can people handle cyber-security concerns?
A
It starts by being aware. If I’m going to have my door locks and garage door openers on my iPhone, I better have a password, I better encrypt it. I better use vendors and suppliers I trust, not some free app. Use reputable organizations and reputable equipment and understand the security, the encryption, the passwords and protocols behind it to make sure security is built into those devices before you start turning over your home automation to them.
I would look for companies that are crystal clear about what they will or won’t do. Technically, they can do anything they want; they’re running our videos through their networks. You want reputable firms, hardware and software vendors whom you trust, so you can have some level of comfort you won’t end up on YouTube.
