BSI has launched a compliance scheme and governance framework for the Internet of Things (IoT). The scheme allows ‘smart’ devices and applications to be assessed against the Government’s new IoT proposed code of practice announced earlier this month by Margot James, Minister for Digital and the Creative Industries.
The compliance scheme allows for assessment within a digital verification framework. This enables ongoing real-time visibility of the scope, meaning and status of verification for a product or application. The framework is flexible to allow further evolution as the Department for Digital, Culture, Media and Sport (DCMS) scheme is implemented. It also reflects the need for security provisions to be appropriate to the properties of the technology and usage.
BSI’s new IoT compliance scheme is based on global best practice for information security, and is matched to the 13 points in the IoT proposed code of practice developed by the DCMS in collaboration with the National Cyber Security Centre, manufacturers and retailers.
Government figures1 show that every household in the UK owns at least 10 internet connected devices, from smoke alarms to televisions. Until today it has been difficult to assess the safety and reliability of these devices and their applications, putting individuals’ online security, privacy and data at risk of exploitation or hacking. Ahead of the arrival of the new GDPR regulations in May, organizations both in the UK and overseas need to ensure personal data is protected. Recent high-profile breaches have included attacks on smart watches, CCTV cameras and children’s dolls.
A DCMS spokesperson said:
"This Government wants everyone to benefit from the huge potential of internet-connected devices and it is important they are safe and have a positive impact on people’s lives. The Government have worked alongside industry to develop a tough new set of rules so strong security measures are built into everyday technology from the moment it is developed. We welcome the work of BSI to help industry shape and drive compliance to the new Code of Practice"
David Mudd, IoT development director at BSI said: “There is already at least one IoT device for every person on the planet, and this is set to grow exponentially as the full potential of this technology is realized. Consumers and industry need to have confidence in the safety and reliability of these new devices and applications. Standards catalyse trust between innovative technologies and innovative business models. Independent verification to a government code of practice will unlock trust in IoT both today and tomorrow.”