Guidelines for secure IoT device development released

Cloud Security Alliance is helping designers and developers create a more secure future.

The biggest obstacle to deploying Internet of Things, or IoT, is security. Abusing the devices for data theft, DDoS attacks or simply to have them malfunction is an enormous challenge for organisations, as they look to reap the benefits of the new technology. To assist them in that endeavour, Cloud Security Alliance (CSA) has released a new and detailed guide on how to incorporate basic security measures into IoT devices. 

The report, entitled titled Future-proofing the Connected World: 13 Steps to Developing Secure IoT Products, is aimed at designers and developers of IoT products. There is a total of 13 considerations and guidance how to ‘reasonably’ secure the devices, as CSA puts it. It also tackles issues such as how to mitigating common issues and fasts identification of critical security items.  

“It is often heard in our industry that securing IoT products and systems is an insurmountable effort,” said Brian Russell, Chair IoT Working Group and Chief Engineer, Cyber Security Solutions with Leidos. 

“However, with the help of our extremely knowledgeable and dedicated volunteers, we are providing a strong starting point for organizations that have begun transforming their existing products into IoT-enabled devices, as well as newly emerging IoT startups. We hope to empower developers and organizations with the ability to create a security strategy that will help mitigate the most pressing threats to both consumer and business IoT products.” 

The guidelines also cover topics such as device categories, threat categories, available security options, and a checklist for security engineers. 

The full report is available on this link.

Shutterstock/Bakhtiar Zein