Case Study August Home

Security on Lock

The Internet of Things is a growing industry that presents opportunities for both innovation and exploitation. When a product’s functionality requires the internet, security is key.

Home Security Meets Cybersecurity

August Home had a vision to revolutionize home security by bringing it into the Internet Age. August Home saw the front door not only as a mechanism for keeping the bad guys out, but also as a tool for letting the right people in — at the right times, on the right terms, and always at the homeowner’s discretion.

The August Smart Lock lets users create virtual keys to their home and easily grant access to house cleaners, dog walkers, delivery services, guests, friends, and family—and control how long that access lasts—all from a smartphone.

Connecting devices to the internet introduces new areas for innovation, improvement, and intrusion. Connecting a lock to the internet meant that August Home had the unique challenge of maintaining customer confidence while introducing a new approach to securing their front door using the August Smart Lock.

“Early on, it was apparent to us that August Home had a talented engineering team and they cared about being the most secure Smart Lock on the market.”

Rob Ragan Bishop Fox Managing Security Associate

The Task

First, August Home had to solve the challenges introduced by hosting their product’s functionality in the digital rather than physical realm — they needed to secure homes without introducing backdoors to the back door.

“When you look at our product … if it were to get hacked or compromised in some way, it’s not just a camera or an air conditioner,” said August Home Product Manager Tom Russo. “We are an IoT company, but we are also a security and lock company. We looked at our lock differently than some of the IoT products that are out there. Those products could afford to leave IoT security as a bit of an afterthought. But we couldn’t.”

To ensure the security of its product, August Home sought a firm that could assess all aspects of the product — hardware, firmware, and software. Their search led them to Bishop Fox.

Eager to help pioneer and architect the security design with August Home, we brought our top mobile experts and leading product security researchers in to assess the project.

As Bishop Fox identified potential issues, the August Home team got to work on implementing new and innovative methods to strengthen their products’ security. This collaborative approach led to more creative and effective solutions.

Chris Dow, Vice President of Software at August Home wanted more than just a checkbox tick saying that their Smart Lock was secure, he wanted to work with a team that would partner closely with his team along the way.

“Bishop Fox is a group of security professionals who are experts in their field. They brought a number of different disciplines to the project, people who understood all aspects of what we were working with. As we designed the encryption and authentication model for the lock itself, Bishop Fox’s team reviewed the design as we did it,” said Dow.

Working together during the encryption design allowed August Home to build solid IoT security in to all aspects of their Smart Lock before deployment.

“Throughout this project, it was clear that we were all working towards the same goal – a secure product. Trust and collaboration is important when the stakes are high. It was great working as an extension of the August Home team over several versions and releases of the Smart Lock,” said Ragan.

The Result

August Home put the security of their product and their customer’s peace of mind at the forefront of their design. As a result of their partnership with Bishop Fox, their Smart Lock went to market with two-factor authentication, Bluetooth Low Energy (BLE) technology encryption, and an update feature that allows August Home to seamlessly release security advancements to users.

August Home’s commitment to the security and well-being of its customers led to a well-designed and industry-leading product — a product that we at Bishop Fox use in our own offices.

Download the PDF here –  August Case Study - Built in Security (1276 downloads)