As you may be aware, CRT & CRTLabs are focused on the Internet of Things and what it means for real estate. There are a couple of areas we are focused on in order to promote security for the consumer and for the device manufacturer. This focus is part of our holistic approach to the Internet of Things. Not only are we working with vendors, universities, NGOs & government agencies to improve the devices on the market, we also want to ensure that consumers and our membership are protected as best as possible. Currently, security can seem like an afterthought for vendors. We want to make sure they are taking it seriously as we educate our membership on the value of these devices.
Partnership with The Online Trust Alliance – Consumer Focused
Last week, NAR released a smart home checklist in partnership with the Online Trust Allianceº. This is a great tool for our members to provide to buyers and sellers. This checklist covers what to consider when it comes to smart home devices as well as some security best practices for routers, gateways and other networking mechanisms. As we move forward in this ‘always connected’ paradigm, having this checklist will only increase in value.
The smart home checklist was released during Cyber Security Month to highlight that when consumers and REALTORS think of cyber security, we need to think not only in the context of the online world, but also in the context of the real world as these smart sensors and nodes come online.
Along with our work on the checklist, CRT’s been reviewing the Online Trust Alliance’s IoT Trust Framework. This document is in its second draft and will be a guide for manufacturers and consumers in this space. Personally, I am interested in its potential as a springboard for a certification for IoT products. Follow Online Trust Alliance on twitter at @otalliance.
Partnership with BuildItSecure.ly – Vendor Focused
Another project focused on security is aimed at educating IoT vendors on its importance. BuilditSecure.ly is a group comprised of information security researchers who are stressing the importance of secure devices and code. You may remember the story about the hacking of the Jeep Cherokee this past summer. That work was done in partnership with a group called I Am the Calvalry who are stressing the importance of security for connected vehicles.
BuildItSecure.ly is an analogue for smart devices. It’s comprised of security researchers from all around the world focused on educating consumers and vendors on the importance of security for these devices. CRT is working to promote their work and partner with them on educating manufacturers to the importance of security.
One of the cool initiatives from BuildItSecure.ly is a program to harden the code for device manufacturers. Using a product called BugCrowd, vendors can offer ‘bug bounties’ on their code to verified info security researchers. This allows for an independent third party to review the code and help improve its security. It also frees up vendor resources and allows them to focus more on the features for their products. Follow BuildItSecure.ly on twitter at @builditsecurely.
What do you think?
As we push ahead in this space, we’d love to hear from you. Are there projects in Iot & Security you’re familiar with? Tweet your thoughts to @crtlabs.
º Note: CRT signed NAR up as a member of the Online Trust Allianace last month