Cannabis Security and Ubiquiti Dream Machine


Cannabis Security and Ubiquiti Dream Machine – Maybe not the best “Dream Team” 

Everyone in the cannabis industry understands the importance of physical security for both compliance and for protection. That’s why most cannabis operators bring in outside cannabis security services firms to help with design, equipment selection, and installation.  

One issue with this, however, is that many cannabis security firms claim to be able to handle network and IT setup, too. Even if these companies are experts in physical security, their understanding of IT is often very basic, which can result in a poor IT setup, which then results in connectivity problems, outages, and lost revenue and productivity. 

Their lack of expertise may be best exemplified by their common use of Ubiquiti Dream Machines in their network setups. In this blog, we’ll explain how these companies are using Dream Machines; how these devices are less than ideal for a resilient, secure, and commercial-grade network; and what this says about the inadvisability of relying on physical security companies for your IT setup as a whole.

What is the Dream Machine? 

Ubiquiti’s offering, the UniFi Dream Machine (UDM), is a networking device designed for both businesses and homes. The UDM functions as an all-in-one device combining the capabilities of a router, switch, and access point. It’s part of Ubiquiti’s UniFi line of products, which are known for their ease of use and management through the UniFi Controller software.

What are the Dream Machine’s Limitations? 

The above reasons therefore make it an attractive option for cannabis security companies to turn to Ubiquiti and the UDM devices to meet their networking and security needs. However, despite its appeal, the UDM is not without its shortcomings: 

Limited Scalability 

There is potentially an issue of limited scalability for UDM devices, which might prove problematic when small businesses expand their operations in the future. Upon expansion, cannabis companies would require more advanced networking equipment to support additional devices and the subsequent increased traffic. Reviews from users have pointed to the UDM facing issues with internet speed when threat detection is enabled, and this can prove to be a major obstacle once small businesses start scaling up. 


Ubiquiti has faced criticism for its security vulnerabilities in the past. The company suffered a data breach in January 2021, involving unauthorized access to its cloud-based customer database. Reliance of the UDM on Ubiquiti’s cloud-based platform for management and updates introduces potential risks involving data privacy, especially in an industry subject to very strict regulations, like cannabis. While the UDM offers adequate security features, they may not be ideal against highly specific and sophisticated cyber attacks. 

In addition, Ubiquiti products don’t have the same level of support as business-grade solutions from other vendors like Fortinet and Sophos – that’s why Ubiquiti products are so cheap. Solutions from other vendors are backed by Security Operations Centers (SOCs) and massive teams of enterprise-level network security engineers, who continually upgrade and maintain their solutions and are available to assist with security breach incident response. The end result is that Ubiquiti UDMs are more like consumer-grade routers than reliable and secure network solutions that businesses require. 

Single Point of Failure 

Cannabis companies with unique requirements may run into constraints because of the UDM’s predefined settings. UDMs may also cause whole system crashes if they face irreparable damage due to any reason, because of their all-in-one design and configuration, leading to complicated and expensive repair processes.

Cannabis Security Companies and IT 

The role of cannabis security companies in safeguarding dispensaries, cultivation facilities and other cannabis-related businesses is crucial for the industry. Companies offering security to cannabis businesses have some of the most demanding objectives, in line with the regulatory requirements of the cannabis industry.  

It has been seen that there are instances of security companies also handling IT requirements of cannabis businesses, because of the overlap of certain technologies, the UDM being a primary example. While this may seem to be a cost-effective solution, there can be underlying disadvantages if such practices are continued. 

Lack of Expertise 

First and foremost is the matter of lack of specialization and expertise. Cannabis security companies utilize physical security measures like surveillance systems, access control, and alarm monitoring. While they may be skilled in these areas, they may lack the depth of expertise required to manage IT networks and systems effectively.  

IT infrastructure, in general, and comparatively, requires understanding of more complex mechanisms including networks, software and regulatory compliance. Operation and management of the same, will therefore, require mandatory technical knowledge and expertise, which may not be within the typical skill set of a cannabis security company. 

They Don’t Know the Regulations 

The cannabis industry is subject to extremely stringent regulatory requirements governing security, data protection, and compliance reporting. While security companies may be familiar with physical security regulations, they may lack the expertise to navigate the complex landscape of IT compliance. 

They’ve Tied to Specific Vendors 

Security companies often partner with specific vendors, which can create conflicts of interest when attempting to advise on IT solutions. A vendor-neutral approach to specialized IT consulting ensures that cannabis businesses receive unbiased recommendations tailored to their specific needs, rather than being steered towards solutions that benefit the security provider’s bottom line. 

They’re Not Focused on IT 

Security companies entrusted with IT responsibilities of cannabis businesses may result in an approach where security measures are focused more, instead of broader IT best practices. Steps towards proactive and effective management of IT systems like network monitoring, performance optimization, software updates, and disaster recovery planning may not receive required level of attention, leading to shoddy work, and leaving businesses open to IT-related threats. 

Summing Up 

In today’s world, where businesses pursue cost-effective solutions, Ubiquiti’s Dream Machine products seem like the obvious answer to a lot of questions. The UDM is almost an epitome of convenience, combining as many as 4 different devices and functions into one. This is a primary reason that has led several cannabis security companies, tasked with providing security solutions to cannabis businesses, to turn towards Ubiquiti and their UDM products.  

This practice, however, has an underlying flaw in the plan due to the relative inexperience of security companies in the field of IT, and the UDM’s own limitations. While such an overall combination of factors might work for small cannabis businesses, the cracks in the system will begin to show as businesses start scaling up and expanding; ultimately proving that this approach might not be a long-term solution.  

Further, security companies, not well-versed in effective IT operation and management, are liable to overlook best IT practices, which would not be in any business’ best interests. Cannabis companies should seek experienced and specialized IT consultants for comprehensive and robust IT solutions who can provide advice and tailor-made solutions suited to a business’ needs and goals. 

Cure8 – The Only True All-In-One Cannabis Security and IT Provider 

Cure8 is the only company that can deliver turnkey, all-in-one security and IT installations for cannabis businesses. Our team includes seasoned network engineers that carefully plan and set up your IT relying on true commercial-grade equipment and best practices. Discover the difference today by reaching out and requesting a free review of your current security and IT approach. 

Related Articles