New Government Scheme Could Require Security Labels for Smart Home Devices
Connected devices may have to carry Internet of Things (IoT) security labels telling consumers how secure they are from cyber-attacks, under the introduction of new laws by the UK Government.
Initially, the labels would be introduced voluntarily to guide consumers in understanding which products are secure, before ultimately becoming mandatory.
This new Government scheme goes about attempting to improve general cybersecurity in the UK with requirements such as passwords on IoT devices that can’t be reset to a universal factory setting, and a public point of contact as part of a policy for disclosing any discovered vulnerabilities. Further, the manufacturers have explicitly stated the minimum length of time that a device will receive security updates.
The news arrived the day after Margot James held a conference on IoT security with Amazon, Philips, Panasonic, Samsung, Miele, and Yale.
“These new proposals will help to improve the safety of internet-connected devices and is another milestone in our bid to be a global leader in online safety” stated Margot James, reinforcing the Government’s latest step in making the UK one of the safest platforms in the world to be online. This news is the first step towards making a new rule to ensure products on the market have safety features built in from the design stage and not bolted on as an afterthought.
Smart home devices have become more and more popular in the UK recently. Due to the popularity, the Government has attempted to create consistency alongside global partners to ensure guidelines are created simultaneously across the board.
An alternative approach to the label in the consultation would be to sanction retailers from selling products that fail to meet the security requirements of the code of practice.
What's your thoughts on this measure? Let us know @SmartHomeExpo!