UK sets wheels in motion for a more secure digital world

The UK Government has announced plans to introduce new security and privacy rules to ready the country for a flood of IOT devices.

Jamie Davies

May 1, 2019

3 Min Read
data spy security hack

The UK Government has announced plans to introduce new security and privacy rules to ready the country for a flood of IOT devices.

The rules, at consultancy stage currently, will create a new standard for security, hopefully protecting consumers from the pitfalls of the unknown when it comes to the connected economy. Like many other aspects of today’s society, much regulation and legislation has been designed for a by-gone era, with many consumers unaware of the dangers of the digital economy. Such redesigns should not only create a relevant rulebook, but force providers and device manufacturers to consider security as more than an afterthought.

“Many consumer products that are connected to the internet are often found to be insecure, putting consumers privacy and security at risk,” said Digital Minister Margot James. “Our Code of Practice was the first step towards making sure that products have security features built in from the design stage and not bolted on as an afterthought.

“These new proposals will help to improve the safety of Internet connected devices and is another milestone in our bid to be a global leader in online safety.”

The ‘Secure by Design’ code of practice addresses the security oversight. Not only will security have to be built into the foundation of products and services, but firms will have to be more engaging with the consumer when it comes to security. It will force some brands and companies to extend the relationship with the consumer beyond the point of purchase, which for many in previous years, had been the end.

As part of the scheme, manufacturers who meet the criteria set forward will be able to include a label on packaging and advertising to help consumers identify products that have basic security features and those that don’t. It will create a much more transparent approach to security, and potentially make security a factor in the buying process. This in turn will ensure companies think of security as more than simply a bolt-on process at the end of product or service design.

“Serious security problems in consumer IoT devices, such as pre-set unchangeable passwords, continue to be discovered and it’s unacceptable that these are not being fixed by manufacturers,” said National Cyber Security Centre (NCSC) Technical Director, Dr Ian Levy.

“This innovative labelling scheme is good news for consumers, empowering them to make informed decisions about the technology they are bringing into their homes.”

Although some might see this process as nothing more than a bit more red-tape to navigate, these are the companies which are likely to be under the greatest financial pressure and therefore those who will be more likely to do security a dis-service. Ultimately, this move should be viewed as nothing but a good thing.

With more of our day-to-day lives becoming digital, the dangers of the online world increase. The ‘Secure by Design’ code of practice not only creates more protections for consumers but brings the rule-book into the digital era. In the past we might have complained regulations and legislation are inadequate for today’s world, but progress is being made. Slowly, but surely.

Get the latest news straight to your inbox.
Register for the newsletter here.

You May Also Like