Australia has joined the ever-swelling ranks of government and industry organizations developing guidelines or enacting regulations regarding IoT device security. On Nov. 11, 2019, the country published their “Draft Code of Practice: Securing the Internet of Things for Consumers,” which outlines 13 security practices intended to apply to all IoT devices available in Australia.
While Australia’s initiative is not unique, it illustrates the growing realization that companies can no longer ignore the need to secure IoT devices. The Australian Initiative, at least for now, is voluntary. Other governments are taking this further, passing laws requiring minimal levels of security and it is not unreasonable to think that Australia will eventually follow suit.
Regardless of the legal status, this raises the stakes for OEMs building IoT devices.
IoT Security Principles
The 13 principles outlined in the document, while perhaps not comprehensive enough, provide a strong foundation for security of IoT devices. While some of the items relate to providing consumers with control over their personal data and ensuring consumers can actually help manage the security of their devices, most are aimed at increasing the security of IoT devices. These include:
These requirements map into the IoT Identity and Integrity solutions provided by Sectigo.
A security framework, such as Sectigo’s IoT Identity and Integrity Suite, provides an integrated suite of security building blocks, and provides a foundation for compliance with a wide range of existing and emerging security guidelines and standards.
IoT Security Implementations
The Australian Cybersecurity guidelines highlight the importance of building security into IoT devices. This requires security features that protect the device from attack, protect the integrity of the device, and enable device identity. Sectigo’s IoT authentication and integrity solutions provides IIoT and IoT OEMS with best-in-breed solutions for authenticating and securing connected devices, including:
Keeping IoT devices and information safeguarded from cyberattack is not simple and will never be perfect. It’s an ongoing battle. Cyber criminals are always improving their methods and developing new, clever attack tactics. However, staying current with cybersecurity best-practices and using proven security solutions, including those outlined in the Australian Cybersecurity Guidelines, provides a strong foundation for protecting devices from cyberattacks.