Research report published: ``minimum security requirements for smart devices``
Qbit and BlueMark have worked together in a research project about minimum security requirements for smart devices. It was commissioned by the Dutch Radiocommunications Agency.
The Radiocommunications Agency is using the results of the study to establish the introduction of digital security requirements for smart devices within Europe.
The English research report is available online and can be found here: final report or on this website.
Find below the official press release:
The Radiocommunications Agency pushes for eight security requirements for smart devices
According to a study commissioned by the Radiocommunications Agency Netherlands, a set of eight requirements will ensure consumers are better protected against cyber attacks. The Radiocommunications Agency is using the results of the study to establish the introduction of digital security requirements for smart devices within Europe.
The Radiocommunications Agency wants to ban factory default passwords and have updates be installed automatically. It is of the opinion that manufacturers must use secure connections and not allow unnecessary connections. Furthermore, manufacturers and providers of smart appliances should also inform consumers about the safe use of smart devices. The eight requirements are not exhaustive, but together provide the greatest safety effect.
Angeline van Dijk, the director and chief inspector of the Radiocommunications Agency, says: ‘We consider it an unacceptable risk that there are still no safety requirements that smart devices must meet. With this study, we, as the Netherlands, are taking the lead in getting rules adopted on a European level.’
Literature study
The eight requirements stem from a literature study conducted by Bluemark Innovations and Qbit Cyber Security, which specialise in network technology and data security. The researchers looked at recent worldwide publications on the security of smart consumer products. They collected the most common vulnerabilities and then assessed all the security measures mentioned. The eight requirements not only increase the security of smart consumer appliances, but can also be easily tested and implemented by manufacturers.
Previous studies carried out on behalf of the Radiocommunications Agency showed that, for many smart consumer devices, digital security has not been properly implemented. Many devices on sale today cannot be used safely and securely. As such, not only will the Radiocommunications Agency bring the study to the attention of European standardisation organisations, but it will also advise manufacturers of smart appliances to use the eight requirements in the production and trading of smart devices.
Use smart devices, but do so deliberately
If you use a smart device, there is much that you can do yourself to make your device less vulnerable to unwanted access and cyber attacks: perform regular updates, choose a strong password, share as little information as possible with the device and don’t connect the device to a network unnecessarily. Many devices do not require an internet connection to function. See more tips for safe use of smart devices (Dutch only).