New legislation in the UK requires manufacturers of smart products to implement minimum security standards against cyber threats.
The Department for Science, Innovation and Technology (DSIT) has put into force new regulations stipulating that all internet-enabled smart devices, from phones and broadband routers to games consoles and connected fridges, must meet minimum security standards.
This means that it is now a legal requirement for manufacturers to protect both individuals and businesses from cyber attacks on their devices.
These new laws include manufacturers banning the use of weak or easily guessable default passwords such as ‘admin’ or ‘12345’. If the password is common, the user must be given the opportunity to change it on start-up.
Manufacturers are also required to publish information on how to report bugs and issues so to increase the speed they can be dealt with. They must also be open with consumers on the minimum time they can expect to receive important security updates...