UK’s IoT Security by Design Law Will Cover Smartphones Too

Smartphones will be included in the scope of planned security by Design UK’s law aimed at beefing the security of customer services. The government made the announcement earlier today in its response to a consultation on legislative plans aimed at tackling some of the complicated cyber attacks faced with the Internet of Things today.

The government introduced a security code of practice for IoT device manufacturers back in 2018, but the forthcoming legislation is intended to build on that with a set of legally binding requirements. A draft law regarding the recent propaganda was aired by Ministers in 2019, with the government’s focal point being on improving communication through IoT devices. It included propositions such as web cameras and baby monitors, which have often been associated with the most egregious device security practices.

Its plan now has diversified for virtually all customer devices to be covered by legally binding security requirements. The forthcoming legislation will be requiring the smartphone and devices maker like Apple and Samsung to inform customers of the duration of time for which a device will receive software updates at the point of sale.

It will also ban manufacturers from using default universal passwords, which are often present in a device’s factory settings and easily traceable. The whole scenario is being mobbed up into a security framework to reduce the cyberattacks on various IoT devices. Cybercrimes have increased at a fastening rate in the UK’s, and it is only behind the United States in accordance with cyberattacks.

California already passed legislation banning such passwords in 2018 with the law coming into force last year. Under the incoming UK’s law, manufacturers will additionally be required to provide a public point of contact to make it simpler for anyone to report misconduct or vulnerability.