UK government launches guidance to help secure IoT devices
There are expected to be more than 420 million internet connected devices in use across the UK within the next three years and if poorly secured these can leave people exposed to security issues and even large scale cyberattacks.
To address this, a new voluntary Code of Practice is being launched by the UK government to help manufacturers boost the security of internet-connected devices such as smartwatches, virtual assistants and toys.
Minister for Digital, Margot James, says
From smartwatches to children's toys, internet-connected devices have positively impacted our lives but it is crucial they have the best possible security to keep us safe from invasions of privacy or cyber attacks.
The UK is taking the lead globally on product safety and shifting the burden away from consumers having to secure their devices.
The pledges by HP Inc. and Centrica Hive Ltd are a welcome first step but it is vital other manufacturers follow their lead to ensure strong security measures are built into everyday technology from the moment it is designed.
The guidelines have been developed in conjunction with the National Computer Security Centre (NCSC). A number of major tech companies including HP and Centrica Hive are among the first to sign up to commit to the code, which outlines thirteen guidelines that manufacturers of consumer devices should implement into their product’s design to keep consumers safe.
These include secure storage of personal data, regular software updates to make sure devices are protected against emerging security threats, no default passwords and making it easier for users to delete their personal data from the product.
Dr Ian Levy, the NCSC's Technical Director, says,
With the amount of connected devices we all use expanding, this world-leading Code of Practice couldn't come at a more important time.
The NCSC is committed to empowering consumers to make informed decisions about security whether they're buying a smartwatch, kettle or doll. We want retailers to only stock internet-connected devices that meet these principles, so that UK consumers can trust that the technology they bring into their homes will be properly supported throughout its lifetime.
The full Code of Practice is available to download from the Department for Digital, Culture, Media and Sport website. There's also a mapping document to help manufacturer's comply.
Image credit: Jirsak / Shutterstock