Your Lighting System Should Not be an IOT Security Issue.

 

 

POE LED Lighting offers unprecedented capabilities and a potential platform for Internet of Things (IoT) solutions. From energy management to space utilization, inventory tracking and location-based services, the IoT promises extraordinary value; the key to unlocking it is network connectivity.

This network connectivity, however, may also bring data, privacy and security risks. This is a relatively new issue for the lighting industry to deal with. The good news is LV Energy Systems has a team of security professionals that have developed robust best practices. These best practices are taught to our network of certified re-sellers ensuring that every re-seller is capable of installing a secure POE LED Lighting system. 

When POE LED lighting devices are networked, they become essentially another communication or computer network in a building, prone to hacking attempts. While one might think the big issue is a hacker taking over a lighting system, which would be a “sniffing” attack, from an economic point of view, the bigger threat is a hacker using a building system network to penetrate a more secure corporate network for the purpose of data theft, known as a “vectoring” attack.

If a device connects to a network that connects to other networks or the Internet, the consequences of hacking can be greater, so a higher level of security is required to protect the entire ecosystem. At LV Energy Systems network security is of great concern and we go to great lengths to ensure that all of our re-sellers are up to the task of installing a fully secured POE LED Lighting system.

 

GOOD SECURITY

The answer is for lighting designers and specifiers to look for products and solutions that have good cyber security measures. “Good security” being defined on the product side as what specific measures are built into a system and how they’re implemented, and on the client side about their level of technical acumen and risk tolerance.

In May 2018, the U.S. Department of Energy’s Federal Energy Management Program published a bulletin recommending 128-bit encryption or virtual local area networks (VLANs) as appropriate security tools, backed by good authentication. Encryption prevents data between devices being intercepted. Authentication ensures only trusted devices share data, with possibly the most secure method involving one device initiating communication with a public key and the responding device answering with a private key. VLANs involve partitioning a network to run part of it as a subnet with its own level of functionality and security.