Data security in the smart home: How secure is my data?

Datensicherheit im Smart Home: Wie sicher sind meine Daten?

One in two people in Germany already owns at least one smart home-enabled application. More than one in ten of them has equipped their home with various smart devices. But as networking increases, so does the flow of data, and so far the issue of data security in the smart home often seems to have been grossly underestimated.

We ask ourselves the question: Which path does the data actually take and how secure are smart home devices at home? In our series of articles on the subject of data security in the smart home, we provide information and helpful tips on what you should look out for.

According to a study, a lack of data security is the reason for around a third of all respondents to refrain from using smart devices.
In contrast, many convinced smart home users believe that the smart technology is already optimally equipped by the manufacturer and that data security and information security have top priority.
Unfortunately, this is not quite the case. So far, there is a lack of cross-manufacturer standards that adequately protect your smart home devices from unwanted access from the outside.

Concerns about digital intrusion by hackers are therefore making more and more people shy away from smart applications. Your smart home is only as secure as the weakest link in the chain. And the more devices you integrate into your smart home, the more risks there are for a data leak.

Data protection and data security - what's the difference?

Data protection and data security - is there any difference at all? Yes and no. Because when it comes to data protection, the question is how the manufacturer or provider uses and stores the data entered. In other words, what happens to my data that I "voluntarily" provide to the product manufacturer or a company. Data security in the smart home is about protecting the system - i.e., primarily IT security, from third-party access by hackers.

How do smart home devices communicate with each other?

To better understand the topic of data security in the smart home, we should first look at how the smart helpers communicate and which route sensitive data takes.

In most cases, the various devices in the home are networked via a smart home bridge.
It forms a kind of distributor for the smart home devices and connects them to the Internet. The smart home devices in turn communicate with the bridge in encrypted form via Bluetooth or special smart home standards such as Zigbee or Z-Wave. This means that the bridge forms the interface or translator for devices that cannot connect directly to the network themselves. Depending on which devices are integrated into the smart home, the devices remain local and do not necessarily connect to the Internet, or the data is stored online via a cloud. Many devices can and do both. That is, they communicate locally or via a cloud.

As already mentioned, one possibility is purely local networks, for which you need a router. In this case, devices are only on the move in the home network and are not connected to the Internet at all. This is usually the case with home systems, which can be planned from the outset when a house is built and can thus operate lights, sound or windows. The advantage of local systems is the fundamentally very high level of data protection, because since the systems remain quasi "in-house," they do not transmit any data to the outside via the Internet. But even here there are weak points and physical access possibilities still exist. So bringing a less well-protected device into your supposedly secure smart home. A disadvantage of the local system is also the lower comfort, because smart home devices that are not coupled with the Internet can not be used remotely.

Another option is cloud-only systems. In these smart home networks, user data and configuration data are located on external servers. How secure the data actually is via the cloud systems then depends on both the device manufacturer and its applied encryption technology and the user behavior.

The most common variant, however, are combined systems that communicate with each other both locally and cloud-based.

Datensicherheit im Smart Home, smart home, Livy Alive

What data do I share about myself in the smart home?

Social media profile set to private, app tracking turned off, and incognito when surfing: if you care about your data privacy online and keep your digital footprint as small as possible, you should also keep a careful eye on your data flow in the smart home. But what data do we actually share when using smart home devices?

In addition to registration data, which is completely superfluous for some devices (e.g. light bulbs or smart sockets), other sensitive data is sometimes collected, processed and shared in the background. In particular, personal data such as the number of residents, times of presence and absence, user behavior via smart apps such as downloads and purchases, or camera images and recordings belong in the privacy of smart home users and not in the "public domain".
Be sure to find out in advance what data is collected by your desired product and how it is processed.

Generously speaking, the market can be divided into two types of smart home providers: First, there are companies that are strongly oriented toward the applicable data protection guidelines and are concerned about the transparency of the stored data and the

In Germany, the topic of data protection has become more important at the latest with the DSGVO and, above all, has placed companies under an obligation to ensure greater data security for their customers and to make data processing more transparent for the customer side.

Therefore, it generally makes sense to orient oneself to German or European manufacturers and to take a close look at their data processing. This also applies to German manufacturers who export abroad.

How high is data security when using smart devices?

Every smart home user should take care of the data security and check which security standard the respective manufacturer guarantees from the factory and which possibilities there are to improve data security in the smart home, or what to look out for in domestic use.
In principle, encryption should be used wherever data flows. This applies to user data (name, address, etc.) as well as to the stored data of the respective smart home device.

An encryption for data transfers is now standard. However, there is still no uniformity in communication between manufacturers for the smart home, which makes optimal protection difficult and therefore difficult for users to grasp. The various devices and manufacturers use different protocols to communicate with each other and cannot be integrated into a uniform ecosystem.
This results in some glaring gaps in data security for smart home users.

Starting in the fall of 2022, this will change with the new Matter communication standard. Matter is designed to simplify the integration of smart home devices. Every device will communicate with every other device - completely independent of the manufacturer. This is also to be accompanied by a new and equal standard in terms of data security, which Matter calls "Secure by design".

Matter's security mechanisms are based on three principles and create a safe space for user data thanks to trusted devices, secure control and tap-proof communication.

What should I look for when choosing my devices?

What should I look for when choosing my devices?
Don't save money when it comes to data security. Even if one or the other special offer sounds tempting, the provider and the data security of the smart home product should be checked again before each purchase.
So basically, when choosing smart devices, pay attention to the following:

  • Where does the manufacturer of the smart home device come from?

  • How does the manufacturer deal with the issue of data protection and data security?

  • How much information does the manufacturer provide me on the subject of data security?

  • Where is my data collected and processed?

  • What data do I have to disclose to use the smart device?

  • Do I have the option to turn off certain functions?
    (e.g. permanent camera operation)

  • How much data security (encryption) does the smart product offer?

If you can find a competent and transparent answer to all these questions from the manufacturer, you are basically on the safe side.
Otherwise, if you still have questions or uncertainties, it makes sense to contact the manufacturer again before buying and simply ask about certain functions.

We would like to be even more transparent about our data protection and data security in the future. Therefore, you can look forward to further articles on the topic of data security at Livy and interviews with our developers.

Would you like individual advice on our products? Book your telephone consultation appointment with our Livy experts now.

Leave a comment

Please note, comments must be approved before they are published