Security, Technology News for Fresno Businesses, Web & Cloud

Why Your Business Needs to Worry About Amazon Sidewalk

Posted on by unityinfotech
Why Your Business Needs to Worry About Amazon Sidewalk

The Internet of Things (IoT) revolution is well underway. Last year, 82% of industrial companies planned to use IoT devices, many citing the cost savings they bring by improving operational efficiency.

While smart speakers and doorbell cameras might have become popular in homes first, these types of smart technologies are quickly expanding to the workplace as companies go through virtualization. Amazon even has an entire Alexa for Business service to promote its voice speakers to businesses.

This coupled with the fact that many employees in Fresno and beyond are now working permanently from home, makes the new Amazon Sidewalk a potential security risk for companies.

What is Amazon Sidewalk?

Amazon Sidewalk is a new shared, low-bandwidth network developed by Amazon that smart speakers and Ring security cameras in your office or employees’ homes might already have connected to automatically.

The network uses bandwidth from users by tapping into their Amazon devices to power a shared public network designed to blanket a neighborhood with connectivity.

The purpose of the network is to offer more flexibility to keep certain IoT devices connected in outdoor areas. For example, if you were using Ring security floodlights, you could place them at the perimeter of your properly and still have an internet connection through the Sidewalk network.

But this network has several things that should worry business owners and those who own Amazon IoT devices.  

Amazon Automatically Opted In Compatible Devices

One thing that is very concerning about how Amazon rolled out this shared network is that it automatically opted in compatible devices, which it calls Sidewalk Bridge devices.

So, you can have multiple employees working from home that don’t even know that a portion of their network is being shared with strangers. If your company has any Amazon IoT devices at your office, the same could be happening. 

Users have to specifically go into their device’s Alexa settings to turn off connection to Amazon Sidewalk.

Amazon currently notes compatible Sidewalk Bridge devices as:

  • Echo (2nd to 4th Gen)
  • Echo Dot (2nd to 4th Gen)
  • Echo Dot for Kids (2nd to 4th Gen)
  • Echo Dot with Clock (3rd to 4th Gen)
  • Echo Plus (1st to 2nd Gen)
  • Echo Show (1st to 2nd Gen)
  • Echo Show 5, 8, 10
  • Echo Spot
  • Echo Studio
  • Ring Floodlight Cam
  • Ring Spotlight Cam Wired
  • Ring Spotlight Cam Mount

Sidewalk is Tapping Into Your Network Bandwidth

Amazon notes that for each Sidewalk Bridge, a maximum of 80Kbps in bandwidth is being leveraged by the network. The company states that this is “about 1/40th of the bandwidth used to stream a typical high definition video.” Note this is per Sidewalk Bridge, so if you have more than one Echo or Ring device, it could be using more.

As much as 500MB of data per month.is used by the network per each account that’s opted in.

These network resources are used by Amazon’s servers powering Sidewalk to create the shared public network, so more the devices opted in in an area mean a stronger network, fewer devices mean a weaker one.

Users are not being compensated for the use of their data and network bandwidth to power Amazon Sidewalk.

This is a Public Network That Anyone Can Join 

Public networks are the most susceptible to being hacked and having man-in-the-middle attacks performed against other users connected to the network.

Amazon is using three layers of encryption:

  • Sidewalk Application Layer: Secures communication between the endpoint device and application server
  • Sidewalk Network Layer: Protects the endpoint’s Sidewalk data packet over air
  • Flex Layer: Added by the Sidewalk Gateway to provide the Sidewalk Network Server with additional layer of packet confidentiality

However, even with precautions taken, large corporate networks are hacked all the time. Some of the largest breaches that happened in 2020 were of Google Cloud Services, Facebook, Instagram, and Whisper.

Having a direct connection to your network by Amazon’s public network could leave your business at larger risk of a breach.

General Location Can Be Visible

While users shouldn’t be able to see who is connected to their Sidewalk Bridge and those connected can’t see the exact address of an available network, users can share location.

This setting allows users to share the “approximate location” of their Sidewalk Bridge device, which is noted by Amazon as helping neighbors “locate their pets.” However, it could also be used by hackers to help them locate your network connection.

Third-Party Developers Will Be Tapping Into Sidewalk

While currently, just select Amazon devices are enabled to use the public Sidewalk network, the company is inviting third-party developers to create or update devices to be compatible to use the network as well.

This significantly increases the security risk, because not all developers are going to use the same level of caution or security controls, meaning vulnerabilities will inevitably increase.

How Secure Are Your IoT Endpoints?

Is your company data at risk due to unsecure IoT devices? Unity IT can help your Fresno area business with a full security assessment and let you know what you need to do to stay protected.

Contact us today to schedule a technology consultation at 559-297-1007 or reach out online.