Citation[]
European Telecommunications Standards Institute, Cyber Security for Consumer Internet of Things, ETSI TS 103 645 V1.1.1 (2019-02) (Feb. 2019) (full-text).
Overview[]
As more devices in the home connect to the internet, the cyber security of the Internet of Things (IoT) is becoming a growing concern. People entrust their personal data to an increasing number of online devices and services. Products and appliances that have traditionally been offline are now becoming connected and need to be designed to withstand cyber threats.
This document brings together widely considered good practice in security for internet-connected consumer devices in a set of high-level outcome-focused provisions. The objective of this document is to support all parties involved in the development and manufacturing of consumer IoT with guidance on securing their products.
The provisions are outcome-focused, rather than prescriptive, giving organizations the flexibility to innovate and implement security solutions appropriate for their products.
This document is not intended to solve all security challenges associated with consumer IoT. Rather, the focus is on the technical controls and organizational policies that matter most in addressing the most significant and widespread security shortcomings.