Securing the Connected Home: Why Your Hardware Choices Matter

Your subscribers are worried about the security of their home Wi-Fi networks—and with good reason. With the average household now having more than 20 devices connected to their network, there are plenty of reasons for hackers wanting to gain access. Once inside, cyber criminals can potentially take control of security cameras, appliances, smart TVs, not to mention the sensitive data stored on computers such as banking information.

 
Despite awareness of these dangers, many subscribers don’t know that bad actors can infiltrate their network via broadband equipment such as routers. According to a recent survey, 86 percent of respondents say they have never changed their router admin password, 72 percent have never changed the Wi-Fi password, and 89 percent have never updated the router firmware. These are open invitations for hackers to strike, providing ample opportunity to deliver dangerous malware such as VPNFilter into a home network via an insecure router.  

 
With subscribers seemingly in the dark about router security, the responsibility falls on you—the broadband service provider (BSP)—to protect them. Part of the task is to ensure subscribers are up to speed with best practice and can spot the warning signs that they may have been hacked, such as website redirects or unfamiliar devices on the network. But the best form of defense is to ensure they have the very best equipment in their homes to begin with.

 
Protecting Your Subscribers Using Best-of-Breed Hardware

Cheap routers bought online or at big box retailers are often the ones specifically targeted by hackers. But even established manufacturers have seen their equipment hijacked by malicious attackers to launch widespread attacks. As a result, offering high-quality customer premises equipment (CPE) is fast becoming a key differentiator for BSPs seeking to offer their subscribers peace of mind.  

 
That’s why at Calix we produce high quality systems that work in concert with our cloud management platform to deliver an unparalleled subscriber experience while protecting subscribers with a combination of service provider and self-management applications. Our GigaSpire systems, are designed with components from reputable manufactures which minimizes vulnerabilities and access to core operating functionality. Additionally, when combined with Calix in-house system and service software development, there is little opportunity to penetrate the safeguards incorporated to protect our systems. 
 

But what about security? Because our systems form part of a unified ecosystem, Calix's hardware works seamlessly with our broader suite of managed services and cloud-based solutions, offering BSPs end-to-end visibility and control. This holistic approach helps identify and mitigate vulnerabilities across the entire network, something impossible to do using piecemeal solutions. There are several other areas where we have built security into our systems, including:  

• Deploying the latest threat defenses. Calix systems use WPA3 encryption, the most secure Wi-Fi standard, ensuring robust protection against the latest cyber threats. We also deploy AI-driven threat detection and mitigation tools that can proactively identify and neutralize risks.

• Using automated processes to keep up to date. Calix hardware supports automated firmware updates, ensuring the very latest “zero-day” vulnerabilities are patched without waiting for the user to perform manual updates. 

• Harnessing intelligent network optimization. Calix systems can automatically identify and resolve network issues, helping minimize vulnerabilities caused by misconfigurations or system errors​. They also support network segmentation to isolate vulnerable devices on the network.   

• Integrating with the latest managed services. Calix systems work seamlessly with the array of managed services in the Calix SmartLife™ portfolio. This includes tools such as ProtectIQ^®, which provides an easy way for subscribers to block viruses, malware, and intrusions. 

• Compatibility with the latest standards. Calix systems are compliant with very latest broadband standards such as TR-398. Standards such as these incorporate advanced security protocols designed to safeguard against DDoS attacks, intrusion attempts, and data breaches.

Putting Network Security at the Heart of Your Offering

In today’s increasingly connected world, security capabilities must be fully integrated into the subscriber offering, which means the equipment you provide for the home must be robust, secure, and based on the very latest security standards. With the right high-quality solutions in place, BSPs can not only deliver a superior home Wi-Fi experience, but also meet the challenges posed by rapidly rising cybercrime.  

 
Home network security is no longer an optional extra or afterthought. It is a key differentiator that will drive trust and loyalty with your subscribers by protecting them from digital dangers. 
 

Learn more about how to protect your network, keep your subscribers secure, and use security features to grow your revenue by scheduling a consult with our network security experts.