Technology

Posted on October 15, 2018 by staff

Top tech companies support new code for device security

Technology

The government has published new measures to help manufacturers boost the security of internet-connected devices such as home alarm systems, fridges and toys.

Tech companies HP Inc. and Centrica Hive Ltd are the first companies to sign up to commit to the code.

There are expected to be more than 420 million internet-connected devices in use across the UK within the next three years. Poorly secured devices such as virtual assistants, toys and smartwatches can leave people exposed to security issues and even large-scale cyber attacks, as seen in recent headlines.

To combat this, the Department for Digital, Culture, Media and Sport (DCMS) and the National Cyber Security Centre (NCSC) have set out plans in a ‘Secure by Design’ review to embed security in the design process of new technology rather than bolt it on as an afterthought.

As a result, a new Code of Practice has been developed with industry to improve the cyber security of devices, encourage innovation in new technologies and keep consumers safe.

David Lidington, Chancellor of the Duchy of Lancaster and minister for the Cabinet Office, said: “Tech companies like HP Inc. and Centrica Hive Ltd are helping us put in place the building blocks we need to transform the UK’s cyber security.

“I am proud to say the UK is leading the way internationally with our new Code of Practice, to deliver consumer devices and associated services that are Secure by Design.”

Poorly secured devices can threaten individuals’ privacy, compromise their network security, their personal safety and could be exploited as part of large-scale cyber attacks.

The new Code of Practice provides 13 guidelines that manufacturers of consumer devices should implement into their product’s design to keep consumers safe.

This includes secure storage of personal data, regular software updates to make sure devices are protected against emerging security threats, no default passwords and making it easier for users to delete their personal data off the product.

Dr Ian Levy, the NCSC’s technical director, said: “The NCSC is committed to empowering consumers to make informed decisions about security whether they’re buying a smartwatch, kettle or doll.

“We want retailers to only stock internet-connected devices that meet these principles, so that UK consumers can trust that the technology they bring into their homes will be properly supported throughout its lifetime.”