What is IoT?
IoT is the acronym for the Internet of Things, i.e., many devices connected to the internet. Devices connecting via a network was a not new concept even when the term was initially coined, another term M2M (machine to machine) was already in widespread use in some sectors. Today IoT covers Children’s Doll’s, domestic fridges, washing machines to industrial control sensors.
The rapid adoption and exploitation of the IoT sector has been uncontrolled which has led to vulnerabilities that have impacted domestic, business and infrastructure systems. Governments worldwide are trying to contain some of the rapid growth so that standards can be put in place limit environmental damage, ensure interoperability and security of information and access.
What do we offer for IoT?
We offer device testing and certification via the IASME IoT Cyber Scheme.
The IASME IoT Cyber Assurance scheme aligns with all the provisions in the ETSI EN 303 645 standard and UK legislation.
It is also mapped to the IoTSF Security Compliance Framework. Certification aims to guard against the exploitation of common IoT cyber security vulnerabilities such as weak passwords, legacy software, and insecure communications.
IASME is working in partnership with the official police security initiative, Secured By Design. Secured by Design (SBD) operates an accreditation scheme on behalf of the UK Police Service to show that products or services have met recognized security standards. Secure by Design recently launched the Secure Connected Device accreditation for manufacturers of innovative connected security products such as alarm systems and video products. They have picked the IASME scheme as one of the ways for manufacturers to confirm their products have the highest level of cyber security.
How?
- The IoT Cyber Assurance certification process requires manufacturers to answer a set of questions about the security controls in place on a connected device and any associated services.
- A board member or equivalent must sign a declaration to confirm that all the answers are accurate.
- Answers to this assessment are then reviewed our IoT experienced and trained assessors.
- If the manufacturer is successful, a certificate and a badge is provided to be placed on product marketing and packaging to demonstrate the security of the device to purchasers.
Level 1
Level 1 consists of a verified assessment:
- Reassure your customers that their device has the most important security controls in place
- Align your connected devices with UK & EU legislation and with internationally recognized standards in IoT security
- Demonstrate compliance Product Security and Telecommunications Infrastructure Act 2022
The IoT Cyber Assurance scheme provides an essential opportunity for manufacturers to improve the security of their internet-connected devices and to show they are compliant with best-practice security and UK law. The scheme has been designed specifically to be accessible to smaller organizations, micro-businesses, and start-ups alongside more established manufacturers. The scheme is a vital tool in enabling organizations to verify the security of connected devices in their own supply chain.
IASME IoT Cyber Assurance – Level 1 Portal access and Certification on meeting the requirements – From: £525+VAT
Level 2
For greater assurance, the scheme is also available as Level 2 which includes an audit via third-party testing and independent certification. The scope of the certification will include the IoT device and any associated hub, App and cloud service the device relies upon to operate.
- The manufacturer must attain the level 1 certification before applying for the audited level
- The audit is managed by an Assessor, skilled in IoT cyber security
IASME IoT Cyber Assurance – Level 2 (Audited) Certification – From: £2100+VAT
Now what?
Get in contact by email info@aggress.co.uk or click the button below, include as much detail as you think is relevant and we will get in contact with you, or to have a conversation via phone (01292 811 811).