The Internet of Things Alliance Australia (IoTAA) has published “plain language” guides to security, safety and privacy for Internet of Things (IoT) users and technology providers.
The guides are the first of their type produced in Australia, according to the IoTAA, which is the peak Australian IoT industry body - although the Australian Cyber Security Centre also offers tips aimed at helping the community buy and use IoT devices securely.
The IoTAA guides are designed to increase awareness of IoT risks and “actionable outcomes”. They feature tips for designing, sourcing and managing IoT technology.
The IoT Users Security Awareness Guide covers IoT security, safety and privacy in homes and businesses, including secure use of devices, data, accounts and digital identity.
One of its recommendations is to buy devices that display the IoT Security Trust Mark certification label, which was developed by the IoTAA. The IoT Providers Security Awareness Guide also recommends organisations put their products through the IoT Security Trust Mark certification process.
Cybersecurity product labelling was mentioned last year in the Australian Cyber Security Strategy 2020 as a potential future consideration for the Australian Government.
The new IoTAA guides also recommend IoT users and technology providers map their IoT ecosystems to the IoTAA’s IoT Reference Framework.
Other tips concern the stating of clear security claims, keeping businesses secure (including through the principles in the ISO/IEC 27001 information security management standard), embedding security, safety and privacy by design, securing supply chains, and IoT security codes, recommendations and standards.
The publication of the guides follows an increase in the use of IoT during the pandemic, according to IoTAA CEO Frank Zeichner.
“SecurityToday researchers report that there are 127 new IoT devices connected to the web every second and experts estimate there were approximately 31 billion IoT device installations in 2020,” Zeichner stated.
“The figures were staggering to begin with, and we have seen firsthand how the pandemic has expedited the adoption of IoT devices, by consumers and industry alike.”