Written by Mark Evans
The Government is announcing guidelines to make smart devices more secure.
Manufacturers of internet-connected devices will now be asked to add security measures, including passwords that are unique and not resettable to a factory default.
The Secure by Design requirements come as a response to the increasing cyber threat, and as well as preventing access via weak passwords will ask manufactures to have vulnerability policy and a public point of contact to report issues to so they can be acted on. In addition all sensitive and private data will be to be encrypted if it is to be transmitted in any way and easily deleted, and upgrades will need to be automatic.
Margot James, Minister for Digital and the Creative Industries, said: “This will help ensure that we have the right rules and frameworks in place to protect individuals and that the UK continues to be a world-leading, innovation-friendly digital economy.”
Likening the moves to the food standards ‘traffic light’ system Dr Ian Levy, of the NCSC’s Technical Director, said: “We are pleased to have worked with DCMS on this vital review, and hope its legacy will be a government ‘kitemark’ clearly explaining the security promises and effective lifespan of products. Shoppers should be given high quality information to make choices at the counter. We manage it with fat content of food and this is the start of doing the same for the cyber security of technology products.”
Doubters have, however, expressed some concern that the guidelines are voluntarily enforced, and the Government will be conducting more work in 2018 to further develop these recommendations.