The Internet of Things (IoT) encompasses a wide range of interconnected and Internet-connected devices that can collect and transfer data across the network without human intervention. The increase in the use of intelligent technologies leads to greater convenience of the IoT, but it also opens the door to cybersecurity threats.
Reports of cyber breaches are on the rise as the security level of each network has the same level of security as the least secure device within it, and the responsibility to uphold the security standards of connected devices rests with the manufacturers.
The advantages of the IoT can only be achieved if already in the design phase, the products and services take into account security and privacy requirements, increasing consumer confidence. Greater data circulation necessarily brings greater opportunities for loss or unavailability of the same. Poorly secure products threaten consumer privacy and can be used by criminals to launch large-scale Distributed Denial of Service (DDoS) cyberattacks.
The Technical Committee for Information Security of the ETSI (European Telecommunications Standards Institute) has published the ETSI TS 103 645, the standard on IoT products’ security for the consumer world. The document contains recommendations aimed at manufacturers and developers of networkable devices (better known as IoT products) intended for the general public (smart TVs, smartwatches, smart cameras, home automation systems, etc.) and now widespread in every social and production environment. The document, in fact, focuses on the most relevant technical and organizational controls to address the significant and widespread gaps in safety. The goal is to contribute to increasing the security of IoT devices in order to increase consumer confidence at the same time.
The new security rules affect a wide range of IoT devices: security products such as smoke detectors and door locks, smart cameras, televisions and speakers, wearable medical devices, home automation and alarm systems, and household appliances (for example, washing machines and refrigerators).
The recommendations indicated in the standard include, for example, avoiding placing devices on the market with usernames and passwords set by default (admin; admin) and identifying contact points to report any new product vulnerabilities.
Other good practices and recommendations to follow can be:
It is essential to have a model that relies on other network security methodologies, such as rigorous access controls, network segmentation, and the definition of a “protected surface” that includes data, resources, applications, and services critical to the core business.
Also Read : “Nobody Can Care About My Digital Identity, ” Sure?
Remember the prehistoric days of battling other fans over the last team slab of plastic…
The popularity of ebooks has grown exponentially over the past few years, with the online…
National Information Systems Security Agency created a "crisis pilot" role motivated by the increasing complexity…
Poor management can become the beginning of the end of your business. To ensure business…
Although experts agree that no system is 100% secure and foolproof, for the good of…
Developer Data Platforms - As the volume and complexity of data continue to skyrocket, organizations…