Secure by Design

CW News published by CW (Cambridge Wireless), under Handsets / Connected Devices, Internet of Things (IoT), Mobile Payment

Manufacturers of 'smart' devices will be expected to build-in tough new security measures that last the lifetime of the product.

Today the Department for Media, Culture and Sport announced plans to keep the nation safe from the increasing cyber threat in a new report, developed alonside manufacturers, retailers and the National Cyber Security Centre, "Secure by Design". 

This initiative is a key part of the Government’s five-year, £1.9 billion National Cyber Security Strategy which is making the UK the most secure place in the world to live and do business online. It lays out plans to embed security in the design process of devices, rather than bolt them on as an afterthought.  Practical steps for manufacturers, service providers and developers laid out in the report include:

  • All passwords on new devices and products are unique and not resettable to a factory default, such as ‘admin’
  • They have a vulnerability policy and public point of contact so security researchers and others can report issues immediately and they are quickly acted upon
  • Sensitive data which is transmitted over apps or products is encrypted
  • Software is automatically updated and there is clear guidance on updates to customers
  • It is easy for consumers to delete personal data on devices and products
  • Installation and maintenance of devices is easy.

Alongside these measures, the report also proposes a product labelling scheme so consumers are aware of a product’s security features at the point of purchase. 

“The IoT and Security are both hot topics for Cambridge Wireless members and we are acutely aware of the potential dangers posed by insecure devices as they get deployed in our homes and the general environment. This Government Code of Practice is an important step forward to raise awareness, not just in the suppliers but right through the supply chain to retailers and their customers. No doubt the practical implications of the Code will be discussed in forthcoming CW events." - John Haine, University of Bristol, Academic & Industry SIG Champion

The full Secure by Design report is available on the government website. Stakeholders have an opportunity to send feedback on the report’s draft proposals via securebydesign@culture.gov.uk from the 7th March until the 25th April.

The original press release can be found on the government's website and the BBC has also provided coverage.

Subscribe to the CW newsletter

This site uses cookies.

We use cookies to help us to improve our site and they enable us to deliver the best possible service and customer experience. By clicking accept or continuing to use this site you are agreeing to our cookies policy. Learn more

Start typing and press enter or the magnifying glass to search