Hello,
I was curious to know how the address and Lat/Lng coordinates are being used by the IP100D when setting up a new Location profile within the portal? I see that the Lat/Lng settings are a required field but from what I know of how this device works it doesn't proactivly alert the cops or other emergency responders in the event of an alarm so why is any of it required information?
Is there any documentation on how the IP100D works in regards to its communications back to the portal? Does the device have a preset IP/DNS target that it reports its information to at a given interval? Or, does Eyez-On "Poll" the registered device via the Users active web connection at a given interval to provide status updates? I assume all communication is over a secure SSL connection for any/all communication?
Lastly, how secure is our information and data that we enter during the activation process? I find this device very convenient but at the same time I wonder if I have just lessoned the security of my alarm system by allowing a third party a direct feed into my panel. I think back on recent hacking incidents that companies like Sony/Playstation fell victim to and can only imagine what kind of havoc someone can do if security is breached in this type of service.
Please don't take these questions the wrong way as I do like the device but since I was not able to find any documentation that addresses these types of concerns or how the device works I felt required to ask.
Thanks for any information you can provide.
A few questions and concerns
Moderators: EyezOnRich, GrandWizard
-
EyezOnRich
- Posts: 134
- Joined: Wed Nov 17, 2010 11:53 am
Re: A few questions and concerns
Hi
You're right in that the lat/long aren't really used for anything. They are completely optional parameters that you can set or ignore as you like. In fact most of our customers for the IP100D likely ignore them and just leave them set as default. Don't forget we also have customers who view their GPS locators through the same portal.
There is no documentation on how the device communicates with the servers as that is proprietary but all communications are encrypted.
As far as the data on the servers is concerned our site is all encrypted, we don't store credit card information and we don't store the actual code for your panel. So even if by some means the server was compromised they still couldn't disarm your system.
Having said that, and despite all our best efforts, is your system less secure? The short answer is yes, slightly. But in adding our module you are making a conscious decision to do that in the interest of convenience. You may want to think of it in a similar nature to an RF KeyFOB that allows you to arm and disarm your system with a one-button push of the FOB. Very convenient - but if someone takes your FOB they can immediately disarm your system, no code, no security. It is up to the system owner to decide what balance of convenience and security they are comfortable with.
Hope that answers your questions.
You're right in that the lat/long aren't really used for anything. They are completely optional parameters that you can set or ignore as you like. In fact most of our customers for the IP100D likely ignore them and just leave them set as default. Don't forget we also have customers who view their GPS locators through the same portal.
There is no documentation on how the device communicates with the servers as that is proprietary but all communications are encrypted.
As far as the data on the servers is concerned our site is all encrypted, we don't store credit card information and we don't store the actual code for your panel. So even if by some means the server was compromised they still couldn't disarm your system.
Having said that, and despite all our best efforts, is your system less secure? The short answer is yes, slightly. But in adding our module you are making a conscious decision to do that in the interest of convenience. You may want to think of it in a similar nature to an RF KeyFOB that allows you to arm and disarm your system with a one-button push of the FOB. Very convenient - but if someone takes your FOB they can immediately disarm your system, no code, no security. It is up to the system owner to decide what balance of convenience and security they are comfortable with.
Hope that answers your questions.