A Cost effective solution To Reconnect remote routers

Cloud security is a hot topic and increasingly coming under more scrutiny, much like the Internet of Things (IoT) and BMS security.

Implementing a cloud service can be very complex. Experience in software, firmware, and hardware is required to navigate options and achieve a coherent and secure result.

Cabot Technologies offer a holistic approach and have experience in cloud architecture, API design, web development, and firmware development. This allowed us to help a customer upgrade their home automation cloud service.

The problem

Our customer had previously developed a custom home automation product. This included a cloud service to allow their customers to control their air-conditioning and lighting from outside of their home over the internet.

There were a number of reliability issues with internet connectivity and their service was increasing being blocked by modern browsers due to cloud security issues. To make matters worse, there was little to no documentation of any sort. Development was originally done by a number of developers, including some outsourced labour. This resulted in a very fragmented code-base that needed untangling for us to form a plan going forward.


Information gathering

Before any development or remedial work was proposed, we undertook a detailed investigation of the existing system. This involved going through existing web server code and device software. This culminated in a comprehensive report of our findings and recommendations. We clearly explained each problem found, a summary in layman’s terms, and more in-depth technical details.

We delivered this security report to the customer with an accompanying itemised quotation for full transparency, and invited them to consult with other tech specialists or developers if they wished a second opinion. The customer later approached us to commence the security upgrade as quoted.

Technical challenges


The solution

Our customer made it clear that they had a limited budget as significant development works had already been undertaken to get to this point. They were also offering this cloud service subscription free, meaning costs needed to be recouped in product sales. We worked with them to provide a secure solution that didn’t require starting from scratch.

First, we built a new API for their cloud service that implemented strong security and modern best practices. We then adapted their existing website to utilise the new API. The result looked identical to their original website for their users, but included the much needed security features to keep them safe.

The hardware installed in the user’s homes also required significant updating. Again, we were able to preserve the existing web interface for the users, but greatly improve security. Using the new cloud API, we effectively curtailed all of the insecure communications. We also implemented a better firewall system and unique authentication credentials per device.

A number of intelligent data usage rules between the cloud API and hardware were also implemented. This allows devices to ‘idle’ using less data when not actively being viewed by a user, but then ramp-up to high-resolution data for responsiveness when in use. This helped keep ongoing infrastructure costs down for their subscription-free service, but still deliver good performance for users.

We assisted our customer with testing using our staging infrastructure. This meant we could do bug and performance testing without interrupting their existing system during development.

Full documentation was provided for all works including instructions for deployment. We then installed the new cloud system on their servers and continue to offer technical support.

Please drop us a line if you’d like us to help review or secure your cloud service.


More of our work