8 Ways IoT Manufacturers Can Improve Security
New guidelines issued by the Online Trust Alliance offer ways to lock down IoT devices.
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt45eade13316252fd/64f0daf14ff3b0216e42700c/Slide1-CoverArt.jpg?width=700&auto=webp&quality=80&disable=upscale)
There are ways to improve security in IoT devices – and it all starts with IoT manufacturers.
This was one of the findings of research on home and wearable technology done by the Online Trust Alliance (OTA).
The OTA found that when manufacturers follow the security and privacy principles outlined in the organization’s new IoT Trust Framework, many, if not all, of the reported vulnerabilities in IoT devices can be avoided.
Craig Spiezle, executive director and president of the OTA, says in the rush to bring product to market, IoT producers often overlook security and privacy. The IoT Trust Framework lays out 31 principles that device manufacturers, developers and policy makers can follow to improve security in IoT devices.
“We also think that CISOs should be aware of the framework, especially as more people bring IoT devices from the home to the workplace,” Spiezle says, adding that along with device manufacturers and application developers, large retailers, the National Association of Realtors, and venture capital funds have expressed interest in adopting the IoT framework principles.
Based on an interview with Spiezle, the following eight slides offer an easy way for readers to digest the IoT Trust Framework.
Manufacturers tend to release products with insecure credential management, including having administrative controls that are open and discoverable. By limiting access to both privileged users and general users, they can better secure and lock down administrative controls.
A low-end IoT device will often connect to the strongest network it can find. Developers need to build in pairing controls that ensure that the device is connecting to the network the user has specified. This kind of problem can become an issue in apartment buildings or townhouse complexes with multiple WiFi networks roaming.
This point is in many ways an add-on to No. 3 on this list, but IoT companies need to test for known vulnerabilities and exploits. Doing so will cut down on potential security problems once the product is in use.
There are ways to improve security in IoT devices – and it all starts with IoT manufacturers.
This was one of the findings of research on home and wearable technology done by the Online Trust Alliance (OTA).
The OTA found that when manufacturers follow the security and privacy principles outlined in the organization’s new IoT Trust Framework, many, if not all, of the reported vulnerabilities in IoT devices can be avoided.
Craig Spiezle, executive director and president of the OTA, says in the rush to bring product to market, IoT producers often overlook security and privacy. The IoT Trust Framework lays out 31 principles that device manufacturers, developers and policy makers can follow to improve security in IoT devices.
“We also think that CISOs should be aware of the framework, especially as more people bring IoT devices from the home to the workplace,” Spiezle says, adding that along with device manufacturers and application developers, large retailers, the National Association of Realtors, and venture capital funds have expressed interest in adopting the IoT framework principles.
Based on an interview with Spiezle, the following eight slides offer an easy way for readers to digest the IoT Trust Framework.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024