Smart devices: new law helps citizens to choose secure products
From 29 April 2024, manufacturers of consumer ‘smart’ devices must comply with new UK law.
The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed to provide ongoing protection against cyber attacks.
The law means manufacturers must ensure that all their smart devices meet basic cyber security requirements. Specifically:
- The manufacturer must not supply devices that use default passwords, which can be easily discovered online, and shared. If the default password is used, a criminal could log into a smart device and use it to access a local network, or conduct cyber attacks.
- The manufacturer must provide a point of contact for the reporting of security issues which – if ignored – could make devices exploitable by cyber criminals.
- The manufacturer must state the minimum length of time for which the device will receive important security updates. When updates are no longer provided, devices are easier to hack, or may stop working as designed.
Original Source: ncsc[.]gov[.]uk
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
