New proposed legislation, launched by the UK’s Digital Minister Margot James, has been published to help improve the security of internet of things (IoT) devices. This includes the introduction of a new labelling system for products to help users understand how secure they are.
To achieve this new label, IoT devices will have to meet a number of basic security requirements; including clearly stating how long security updates would be available for, offering a public point of contact for security vulnerabilities, and coming with unique passwords by default.
Tim Rawlins, director and senior adviser at NCC Group, said: “We believe it’s important to make it as easy as possible for users to behave securely. The labelling of IoT devices will no doubt bring security up the list of priorities for consumers. As more and more connected devices fall under the banner of IoT, it’s important to help remove potential security risks – and while this is a small step towards this, it is still an encouraging one.
“The proposed legislation will put increased pressure on manufacturers to build baseline security features into their products. But there needs to be a continuing focus on driving improvements in security in IoT products across the design and manufacturing industry. Security needs to be a firm focus well before any of these IoT devices end up in users’ hands.
“We will undoubtedly see further recommendations and legislation that will help to cement security within the design process while maintaining a balance between managing risk and letting innovation thrive. These initial steps are in the right direction for all consumers.”