The government has announced it will develop a new code of practice designed to improve the security of Internet of Things (IoT) devices.
According to the Department for Digital, Culture, Media and Sport, manufacturers of smart devices will be expected to build in “tough” new security measures that will last the lifetime of the product, as part of plans to keep the UK protected from increasing cyber threats.
Poorly secured devices result in a threat to online security and privacy, and could be exploited as part of large-scale cyber attacks. Recent high-profile breaches that put data and security at risk include attacks on smart watches, CCTV cameras and children’s dolls.
The government’s Secure by Design review, which was developed in collaboration with manufacturers, retailers and the National Cyber Security Centre, sets out plans to embed security in the design process rather than add them on as an afterthought.
It outlines practical steps for manufacturers, service providers and developers, including encouraging companies to ensure that all passwords on new devices and products are unique and not resettable to a factory default, such as ‘admin’.
Working with industry, the government will implement what it called a “rigorous new Code Of Practice” to improve the cyber security of IoT-connected devices and associated services while continuing to encourage innovation in new technologies.
Speaking ahead of a launch event, Margot James, minister for digital and the creative industries, said: “We want everyone to benefit from the huge potential of internet-connected devices and it is important they are safe and have a positive impact on people’s lives. We have worked alongside industry to develop a tough new set of rules so strong security measures are built into everyday technology from the moment it is developed.
“This will help ensure that we have the right rules and frameworks in place to protect individuals and that the UK continues to be a world-leading, innovation-friendly digital economy.”
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.