Posted on March 7, 2018 by staff

Government demands better security in smart devices


Manufacturers of ‘smart’ devices have been told to build-in tough new security measures that last the lifetime of the product.

The new government measures are part of plans to boost cyber security in millions of internet-connected devices and keep the UK safe.

Estimates show every household in the UK owns at least 10 internet connected devices and this is expected to increase to 15 devices by 2020, meaning there may be more than 420 million in use across the country within three years.

Poorly secured devices threaten individuals’ online security, privacy and safety, and could be exploited as part of large-scale cyber-attacks.

The Secure by Design review, developed in collaboration with manufacturers, retailers and the National Cyber Security Centre, lays out plans to embed security in the design process rather than bolt them on as an afterthought.

“We want everyone to benefit from the huge potential of internet-connected devices and it is important they are safe and have a positive impact on people’s lives,” said Margot James, minister for digital and the creative industries.

“We have worked alongside industry to develop a tough new set of rules so strong security measures are built into everyday technology from the moment it is developed.

“This will help ensure that we have the right rules and frameworks in place to protect individuals and that the UK continues to be a world-leading, innovation-friendly digital economy.”

The Secure by Design report outlines practical steps for manufacturers, service providers and developers, including making passwords on new devices and products are unique and not resettable to a factory default; ensuring that sensitive data transmitted over apps is encrypted; automatically updating software; and making it easy for consumers to delete personal data on devices, among others.

Alongside these measures for ‘Internet of Things’ manufacturers, the report proposes developing a product labelling scheme so consumers are aware of a product’s security features at the point of purchase.

Julian David, CEO of TechUK, said: “The opportunities created by the Internet of Things are now becoming clear. It offers consumers and citizens greater empowerment and control over their lifestyles, from managing energy consumption at home to having peace of mind that a frail relative is going about their normal routine.

“However, these opportunities also bring risk and it is important that the IoT market now matures in a sensible and productive way, with security embedded at the design stage. This project is the start of that maturity. Industry has been keen to engage in the review and demonstrate what is best practice.

“It is important that companies throughout the supply chain now adopt and build on this Code of Practice to build the trust required to drive widespread take-up of the IoT.”