As we approach the holiday buying season, excitement is building for all the new IoT gadgets – “smart” everything for the home, fitness/health trackers and a plethora of connected children’s toys. But this excitement should come with a giant asterisk:
* Are these products safe?
We’ve all seen the horror stories – hacked baby monitors, vulnerable door locks, robot vacuums turned into roving surveillance devices and connected toys pulled from shelves.
Clearly these gadgets need further inspection. This week the Internet Society has joined with Consumers International and Mozilla to advocate for a set of five minimum security and privacy standards IoT manufacturers should follow to improve the safety of their products. Mozilla has incorporated these into their evaluation of 70 products in the latest version of Privacy Not Included, their holiday IoT buyer’s guide. More detailed explanations of the guide and evaluation criteria are also available.
These minimum guidelines are great start to improve IoT security and privacy. They are a subset of our IoT Trust Framework, which comprehensively addresses key security, privacy and lifecycle principles that should be incorporated into IoT offerings. Manufacturers can use this list of principles to practice “trust by design,” resellers can use it as a checklist for determining which products to carry, and policymakers can use it to inform decisions regarding IoT security and privacy.
We are committed to helping improve safety and trustworthiness in IoT products. Check out our #GetIoTSmart page for consumer and enterprise IoT safety checklists and to keep up to date on our latest IoT activity. And in the meantime, before you buy, be sure to inspect those gadgets.
Do you know the risks of what you’re buying? Get IoT smart!