Security and privacy are as important as functionality and usability. We take it seriously at every level: device-to-device, device-to-app, device-to-cloud, cloud-to-app. Regarding our devices, they run a purpose-built operating system that doesn't have the weaknesses and potential attack points that a general-purpose OS has. There are no open ports or protocols. Since there's nothing to log in to, there is no way to carry out a brute-force login attempt.
All network communication is initiated by our device. The only two-way communication is to our servers. Launching an attack requires a malicious user to install attack bot malware on the host system. But the only way for any software to get on our devices is to update the firmware, which must be downloaded from our secure servers. All firmware is encrypted using a per-device key, which is validated before install. This protects against malicious firmware being placed on the device.