Securifi's Almond Routers Get Subscription-based IoT Device Security Service
by Ganesh T S on January 4, 2017 10:00 AM EST- Posted in
- Trade Shows
- Networking
- IoT
- Securifi
- CES 2017
We have been following Securifi's offerings in the home networking space over the last few years. They have stood out in the crowded consumer Wi-Fi market by being one of the pioneers in using the network router to support both IP as well as home automation devices.
The consumer Wi-Fi market is a crowded one, and it is difficult to stand out. While established vendors like Netgear, Linksys etc. can make do with revenue on the hardware alone, companies that don't have the reach or resources to have a comprehensive product line need to be creative in finding ways to drive up revenue. The services / subscription model is widely adopted in the SMB / SME area, but, has typically not found much traction in the consumer market (except for services like TV / Internet / home alarm systems and the like). Securifi is hoping to tap the services market with a new category - subscription-based cybersecurity for the connected home.
Today's smart home has a large number of IoT devices, almost all of which communicate with cloud servers. I would personally avoid anything that requires the cloud to provide its basic functionality, but, given the success enjoyed by IoT devices like the Nest Thermostat and Amazon Echo / Alexa, it is clear that I am in a minority. Digression aside, it is clear that the average consumer has no idea about the servers that are being communicated with by the IoT devices in the household. Often, compromised devices can lead to IoT devices becoming part of botnets (as evident from the recent Mirai DDoS attacks). Securifi's solution to this issue involves a multi-pronged approach:
- Analysis of network devices to look for those having ports open to the Internet and/or weak login credentials, and reporting of the same to the user via the Almond app.
- Analysis of traffic pattern of the network devices (just the destination server addresses, and not deep-packet inspection or inspection of the content itself) to ensure that popular IoT devices are communicating only with their vendors' servers.
- Detection of network devices exhibiting traffic patterns indicative of being a botnet member
- Optional monitoring of the websites browsed by selected devices (with the intent of ensuring safe surfing behavior for kids)
It must be noted that some of the above captured data is stored in Securifi's servers because they need to send push notifications to the user's smartphone even if it is away from the primary network. Securifi is utilizing machine learning to provide part of this functionality (based on the behavior of IoT devices with multiple consumers over time). Users are offered fine grained control over the data stored for this purpose.
Securifi plans to roll out the service to the public starting on January 23, 2017 with a free 30-day trial. Subscription rates start at $4/month, with plans to increase to $10/month after the roll-out of additional features. The service will initially be open only for Almond 3 users. The eventual plan is to roll it out for the Almond and Almond+ users also. Given that this is a cloud-based subscription service, it is not a surprise.
As the number of IoT devices in the household increase, Securifi's subscription-based approach to driving up revenue might serve them well. I can definitely see the average consumer signing up for these types of services. That said, I do want to see more value being provided even with just a $4/month fee. If Securifi can get in some UTM functionality to provide firewall, anti-virus, anti-spam and other services, this type of subscription offering can tempt power users also.
6 Comments
View All Comments
smartthanyou - Wednesday, January 4, 2017 - link
So this service doesn't actually prevent IoT devices from doing bad things? It just monitors them and lets you know that they are potential problems in the future or are actually exhibiting bot behavior now?I guess the same type of folks that think these type of devices are good things to have are the same type that will think this service is a good deal.
ganeshts - Wednesday, January 4, 2017 - link
While I agree with you on the latter segment, I am not sure there is any service that can actually prevent IoT devices from doing bad things.. (unless the service is from the vendor of the IoT device itself - like a daily firmware / settings check from the cloud). Do you have any propositions to handle that in a generic manner? Otherwise, I think Securifi's approach is the best bet right now. Again, I stress that power users should never be using cloud-reliant IoT devices and should take extra care to ensure that their IP cameras have proper credentials / look out for reporte vulnerabilities themselves in the IoT devices that they own.doggface - Wednesday, January 4, 2017 - link
Sometimes it can be hard to figure out you have been compromised without going the full Wireshark. And even then, u may get compromised the next day. Seems to me if something like this can automate that, it is good for security.markhenrich - Thursday, December 7, 2017 - link
ThANKS FOR sHARING <a href="http://www.hreviewtips.com/hostgator-internal-serv... server error 500</a>markhenrich - Thursday, December 7, 2017 - link
Thanks for Sharing a.........http://www.hreviewtips.com/">hreviewtips