Hubble Connected - Safe and Secure Baby Monitors and Nursery Products

We at Hubble Connected understand how important safety and security is for parents when deciding on a baby monitor. Baby monitors over the years have evolved with new technological innovations and have become essential tools for every parent to keep their eyes on little ones. Being a team of experienced tech and online security veterans, we take pride in doing our utmost to serve the parent community with a zero-compromise policy when it comes to security, privacy for their families and ensuring that our standards exceed compliance standards.

Hubble Connected Data & Video Encryption

Parents are always more cautious and worried about their baby's privacy when data is transmitted over the internet, stored on cloud infrastructure, and processed in the cloud. Encryption is the best way of keeping data safe and confidential as it is sent over the internet, so Hubble Connected ensures encryption throughout for all the sensitive data-points within the Hubble ecosystem, including at rest, in transit, or during processing.

• Utilizing SSL/TLS certificates specified as “https” helps us ensure that user’s data in transit remains protected and uncompromised. The security factors of SSL are based on the security certificates’ “Chain of Trust”, which may be seized by establishing malicious certificates. An extra layer of security in the form of SSL certificate pinning process helps us to prevent dangerous and complex security attacks where application relies on its stored certificates instead of relying on certificate authority stores licenses.

• Hubble uses Orbweb Connect for our live-streaming, which is certified by the National Institute of Standards and Technology’s (NIST) Cryptographic Algorithm Validation Program (CAVP). CAVP validates that critical cryptographic algorithms are compliant with Federal Information Processing Standards (FIPS), the U.S. federal government’s standard for cryptographic software.

• Our platform uses X509/PKI for client authentication and for initiating a secure communication channel from client to device. Devices use dynamically generated authentication (AES-128) for establishing a secure communication channel back to the initiating client. The mediation server passes the identity of the authenticated client to the device and exchanges a session key between client and device for data confidentiality. For anybody to decrypt this level of security it will take around 61*10^12 years to decrypt data with the right quantum computer.

• Making sure Hubble IoT is secure doesn’t stop at software design and development. Our cloud hosting partners play a critical role. All personal data including baby’s vitals, motion videos, user preferences are stored using AES – 256 encryption keys into Amazon Cloud which is completely managed by AWS (the world’s #1 IAAS and PAAS provider). They help ensure the resilience and performance of Hubble IoT, meets the expectations of any mission critical system and that the servers, storage and network devices are physically secure.

Multi-Factor Authentication and Session Management

Hubble’s IOT platform has an extra layer of verifying the user’s identity before allowing critical resources access. Multiple factor authentication (MFA) is considered as a critical component for security, meaning applications should have another method for authentication apart from normal traditional method (username and password).

Usernames and passwords are vulnerable to brute force attacks and can be stolen by third parties using different methods so Hubble uses OTP (one time password) based authentication process which is sent to user’s email and mobile number during login. As passwords are easy to hack, OTPs are the first line of defense against potential unauthorized access.

Apart from this, Hubble’s platform provides more transparency about session (who else has logged in and when) and resource authorization. Parents can monitor, control, and manage their session with enhanced permission from mobile applications and defined permission for guest users that specify which are granted access and the operations they are permitted to perform on device.

Distributed denial-of-service (DDoS) attacks

DDoS is a category of malicious cyber-attacks that hackers or cybercriminals employ to make an online service unavailable to its intended users on the Internet, which is considered as like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.

Hubble IoT Platform has enrolled in the AWS advanced shield program, which manages DDoS protection services that safeguards the applications running on AWS & AWS WAF, helping us in protecting our resources (websites and API’s) by monitoring and filtering out threats that cause potential risk to our resources.

Over the air firmware updates

While IP cameras and other IOT device firmware can be updated manually, the vast distribution of IoT-enabled devices like baby monitors, make manual update processes unfeasible and impractical.

Hubble Connected has over the years in its IOT framework built a secure, robust and reliable wireless over-the-air update mechanism for all of the IOT devices it produces. This helps us to continuously add new features, fix security bugs, and improve product behavior, regardless of location.

Hubble have ensured that all the firmware updates are signed and encrypted firmware OTA files for protecting against intellectual property theft and getting access to system design. Hubble IoT frameworks have the flexibility to upgrade any component (kernel, rootfs and firmware app) across the firmware stack quickly when vulnerabilities are reported or discovered.

Secure Mobile App

Parents use their smart phones to view their little ones and access other connected features which are provided by Hubble platform via the HubbleClub App, and we are committed to providing the most secure platform to our users.

Mobile malware causes vulnerabilities and bugs in the infrastructure and design of the application, so our app is written in such a way that it detects and eliminates security vulnerabilities in the code and is immune against reverse engineering. Another provision we have is to block the app access on rooted or jailbroken devices. These types of devices may break the underlying security model of the device so app will check on its own integrity, and can deactivate when suspicious behavior is found.

ISO 27001:2013, ISO 27017:2015 and GDPR

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the organization's context. It also includes requirements for assessing and treating information security risks tailored to the organization's needs.

ISO/IEC 27017:2015 is an information security code of practice for cloud services. It’s an extension to ISO/IEC 27002:2013 and it provides additional security controls for cloud service providers and for cloud service customers. It ensures that Hubble Connected has implemented information security processes and procedures to ensure information stored in the cloud is safe and secure.

The General Data Protection Regulation (GDPR) is a European Union regulation on data protection and privacy in the EU and the European Economic Area (EEA).  The GDPR is one of the most wide-ranging pieces of legislation passed by the EU It was introduced to standardize data protection law across the single market and give people in a growing digital economy greater control over how their personal information is used.

Hubble establishes, implements, maintains, and continually improves an information security management system (ISMS) within the organization. The customers' data on the Hubble platform, we ensure stringent data security methods for data collection and identification, classification, permissions, and encryption.