The Google Nest brand covers an array of smart home products, like smart speakers, video displays, content streaming devices, home thermostats, carbon dioxide detectors, data routers and security systems including smart doorbells equipped with video cameras and smart locking mechanisms. This expanding portfolio under the Google brand represents the wider growth in the home Internet of Things market. Many analysts predict that the number of cybersecurity incidences that will impact on the smart home will increase, and hence tighter security measures are required.
Google has promised that the new two-factor authentication process will integrate seamlessly into the Nest user experience, and that while users will not notice any significant changes to their experience the Google products will become more secure. Two-factor authentication is a process whereby a device user is only granted access to a system once they have successfully presented two (sometimes more, in the case of multifactor authentication) items of evidence (or ‘factors’) to the platform’s digital authentication mechanism.
Examples of authentication factors are: knowledge (something only the user knows like a name of a place), possession (something only the user has), and inherence (something only the user is).
With Google’s timely decision, Pulse Secure CMO Scott Gordon says that the enterprise should take note for their own security programs.
Gordon tells Digital Journal: “Security threats must embolden consumer defenses. Too often, users are simply activating devices in their home network or on the road without considering connectivity risks.”
As the home Internet of Things expands and more devices being interconnected, tighter security measures are required, as Gordon notes: “As smart device adoption, from thermostats and light bulbs to garage doors and gates, continues to grow, users must be vigilant to not only change passwords but to take advantage of advanced security settings.”
With Google’s specific new measures, Gordon notes: “By introducing two-factor authentication, Google is adding necessary security measures to protect consumers. As organizations progress Zero Trust security at work, they must fortify their security awareness programs; especially since the home office and business travel are the new corporate perimeter.”
The Zero Trust approach is one where security concepts and threat models no longer assume that actors, systems or services operating from within the security perimeter should be automatically trusted, thereby introducing a new and tighter cybersecurity model.