ioXt Compliance: The Yardstick That Demystifies IoT Cybersecurity
ioXt Compliance: The Yardstick That Demystifies IoT Cybersecurity
Cybersecurity is becoming an ever more critical target for commercial and consumer products. Retail channels, ecosystem operators and insurance providers need a system—and a good one—to specify and measure the security they lack.
Soon, ioXt’s compliance program will give them just that. By providing a harmonized set of requirements, ioXt has created a common tool that allows channel owners to specify what security attributes they need, measure them and build to an industry-defined yardstick.
In the past year, over 120 organizations came together to create the program. It is built around eight security principles, and rating levels for each--clear guidelines for quantifying (on a rating scale of 1 to 4) the appropriate level of security needed for the channel or use of the product.
The Pledge principles are:
1) No universal passwords
2) Secured interfaces
3) Proven cryptography
4) Security by default
5) Signed software updates
6) Automatic updates
7) Vulnerability reporting program
8) Security expiration date.
From light bulbs to set-top boxes, what are each of the security attributes you need to make your product? What’s a 1-rated versus a 4-rated product look like for secured interfaces? If you’re a retail buyer who wants to make an informed decision, what security strengths and levels do you need? The ioXt Compliance Program provides sellers and buyers with a common tool to measure the same eight security attributes, while allowing for different applications to drive different security levels (e.g., stronger levels for commercial than for consumer products).
With a harmonized set of requirements, device makers can build to the ioXt compliance yardstick. What’s more, the yardstick ties back to US and EU guidelines. So while it’s defined and led by industry, instead of government, the yardstick actually satisfies both.
It’s industry setting the standards so all parties benefit—and consumers benefit most of all.
The ioXt Compliance Program will launch in the first quarter of 2020.