COMPANIES MAKING Internet of Things (IoT) gadgets will be expected to integrate a string of tough security measures into their devices under new UK gov plans unveiled on Thursday.
After conducting a comprehensive review of IoT device security, the government has outlined a range of new security processes that tech manufacturers will need to consider when designing devices.
It is widely believed that connected gadgets, including 'smart' televisions, toys and speakers are easy targets for cybercriminals. Security specialists have slammed the makers of such devices for doing too little to secure such devices.
In some cases, especially with connected security systems, manufacturers' desire to make products that will connect to the internet quickly and easily has actively undermined consumers' home IT security.
The government's Security by Design review - which was developed with manufacturers, retailers and the National Cyber Security Centre (NCSC) - makes it clear that companies should integrate sufficient security mechanisms into devices.
From now, technology companies producing connected devices will have to adhere to a new Code Of Practice. Officials claim this will "improve the cybersecurity of consumer internet-connected devices and associated services while continuing to encourage innovation in new technologies".
They added that the review "outlines practical steps for manufacturers, service providers and developers".
Companies are expected to implement admin passwords, generate vulnerability policies, ensure that data is encrypted and issue automatic updates.
Margot James, minister for digital and the creative industries, said the government wants "everyone to benefit from the huge potential of internet-connected devices".
She continued: "It is important they are safe and have a positive impact on people's lives," adding: "We have worked alongside industry to develop a tough new set of rules so strong security measures are built into everyday technology from the moment it is developed.
"This will help ensure that we have the right rules and frameworks in place to protect individuals and that the UK continues to be a world-leading, innovation-friendly digital economy."
Dr Ian Levy, technical director at the NCSC, said the organisation is "committed to ensuring the UK has the best security it can, and stop people being expected to make impossible safety judgements with no useful information".
"We are pleased to have worked with DCMS on this vital review, and hope its legacy will be a government ‘kitemark' clearly explaining the security promises and effective lifespan of products.
"Shoppers should be given high-quality information to make choices at the counter. We manage it with fat content of food and this is the start of doing the same for the cybersecurity of technology products."
Cupertino could potentially be ready to reveal a driverless car system
Doubtful anyone will notice
Could your next colleague be a bot?
Remove the tech or face the courts, threaten privacy advocates