Electrical trade

Data protection
and data security
in the smart home

A smart home offers many advantages. Intelligent building technology provides residents and users with a particular degree of convenience, security and enhanced energy efficiency for living and working.

However, precisely due to comprehensive networking and individual adaptation to user behaviour, personal data protection and technical data security are particularly important topics that must be handled appropriately. In the networks of smart home projects, there is always sensitive, personal data that you can access as an installer – like the number of residents, the times they are at home and away, user behaviour and often camera images of people.

You should draw up a contractual agreement on protecting sensitive, personal data with customers beforehand. This creates trust and you will give your customers a good sense of security right from the outset. Ensure that digital building technology is protected by installing it in an exacting, careful manner and point out to your customers that you are doing so at all times. Read our recommendations.

Our recommendations for greater data security

Protecting personal data, safeguarding technical systems – we have summarised the most important things you need to keep in mind regarding these two topics. To contractually protect personal data, you can download a template to be used as an appropriate supplement to the contract. From a technical standpoint, there is also a lot that can be done to protect data and networks.

Inform customers about data protection

Give your customers comprehensive information about data protection and data security. Point out all security-relevant aspects and explain the solutions to them. This will create an awareness of this sensitive topic among customers and enable you to position yourself as a competent specialised company.

Use contracts to protect your privacy

In an intelligent building, there is always sensitive personal data that you can access as an installer – like the number of residents, the times they are at home and away, user behaviour and often camera images of people. Raise this issue with customers and draw up a contractual agreement to stipulate how this information ought to be handled from the very start. This will create trust and give your customers a feeling of complete security.
Recommendation – privacy statement as a supplement to the contract

Take data security into consideration when calculating costs

Hardware and programming costs for data security within the network should be appropriately factored in during the cost calculation stage. Think in advance about which factors are required first and which special security-related aspects must be taken into consideration for the relevant network, and include them at the planning stage to give yourself enough leeway in implementation. Ideally, you would calculate two versions – installation according to basic security requirements and implementation with increased protection.
IT recommendation – basic requirements for KNX infrastructure
IT recommendation – increased requirements for KNX infrastructure

Group the network into VLAN segments

One important method for increasing security is to divide the data network into mutually protected zones. Divide the network into logical groups, for example by creating relevant VLAN segments for the building technology, for maintenance purposes, for internet access or for IP cameras used in building surveillance. In this way, all the inhabitants can use the internet and consumer electronics, while only certain people have access to the home control. Children cannot access their parents’ PC, and nor can the installer during remote maintenance.

Prevent unauthorised access with VPN

Remote control of the smart home using smartphones, tablets or external PCs is one of the most popular functions and is therefore widely used. But there are many dangers lurking on the internet where such signals can be captured and used for harmful purposes too. So, ensure increased security by creating a Virtual Private Network (VPN) to grant your customers remote access. In this type of network, connections from outside are protected by a virtual tunnel, which prevents third parties from viewing or accessing confidential data.

Observe security standards for wireless networks

Wireless networks (WLAN) can also be well protected. But significantly higher security standards are absolutely essential. Use WPA2 according to IEEE802.11i in conjunction with an AES algorithm for encryption purposes. This should always be standard procedure for wireless networks. Also inform your customers about the use of WPA2 and its function. Always keep your own knowledge about the various encryption methods up to date. We regularly provide information about them in our Gira network security training seminars.

Use secure passwords

As with any computer or smartphone, this also applies to the smart home. Strong passwords are a basic condition for security. Never leave any device’s default passwords unchanged. Instead, replace them with new, secure passwords in consultation with your customers. It is also advisable to change passwords on a regular basis for security purposes. Please point this out to your customers too.

Carry out regular updates

It is important for your security that the technology is always up-to-date. This is because security requirements can change, and Gira regularly revises and improves device and system software to reflect these changes. For this reason, regular updates should be carried out on all devices. This prevents unnecessary security gaps. Point this issue out to your customers and offer your support. If necessary, use the contract template for IT systems support and maintenance.
Contract template for systems maintenance

Attend training sessions and be aware of current standards

Systems and requirements change, existing standards are revised and new standards are created. On the subject of security, it is vital always to be up to date and aware of the latest developments. Attend relevant training sessions on a regular basis to ensure that you are well informed. The Gira seminars give you a very concise overview of the subject matter.
Basic seminar Network Technology 1 Basics
Advanced seminar Network Technology 2 Network Security
Advanced seminar Network Technology 3

Data protection and data security experts near you

Alternatively, you can also discuss data security issues with an expert. We are happy to recommend data protection and data security experts near you. Simply use our search function.

Electrical trade


Gira uses cookies for websites in the domain. By using our website, you agree to the use of cookies. Our Data Protection Declaration contains more information about the cookies used by us or third parties and the ways in which you can deactivate cookies.