Organization: European Union Agency for Network and Information Security (ENISA) Reference: Security and Resilience of Smart Home Environments Published on: 1 December 2015 This study aims at securing Smart Home Environments from cyber threats by highlighting good practices that apply to every step of a product lifecycle: its development, its integration in Smart Home Environments, and its usage and maintenance until end-of-life. The study also highlights the applicability of the security measures to different types of devices. The good practices apply to manufacturers, vendors, solution providers for hardware and software, and developers.
Organization: Cloud Security Alliance (CSA) Reference: Identity and Access Management for the Internet of Things Published on: 30 September 2015 To help security practitioners ensure the integrity of their IoT deployments, the report details 23 recommendations for implementing IAM for IoT which are drawn from real-world best practices culled by CSA’s IoT Working Group along with guidance from a number of other organizations including the Kantara Initiative, FIDO, and the IETF. Some of these recommendations include: Integrate your IoT implementation into existing IAM and GRC governance frameworks in your organization. Do not deploy IoT resources without changing default passwords for administrative access. Evaluate a move...
Organization: IoT Security Foundation (IoTSF) Reference: Establishing Principles for Internet of Things Security Published on: 22 September 2015 High-level IoT security principles (16-pages)
Organization: Cloud Security Alliance (CSA) Reference: Security Guidance for Early Adopters of the Internet of Things (IoT) Published on: 16 April 2015 Guidance for the secure implementation of Internet of Things (IoT)-based systems.
Organization: I Am The Cavalry Reference: Five Star Automotive Cyber Safety Program Published on: 15 February 2015 High-level principles for the automotive industry cyber safety.
Organization: Federal Trade Commission (FTC) Reference: Careful Connections – Building Security in the Internet of Things Published on: 27 January 2015 Advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings.
Organization: NCC Group Reference: Security of Things: An Implementers Guide to Cyber Security for Internet of Things devices and beyond Published on: 8 April 2014 The paper takes the reader through a typical IoT product development life-cycle and associated business discussions highlighting the security and privacy impacting areas and decisions that should be considered, why they should be and the potential ramifications if not. In addition for those less experienced in secure hardware and software development lifecycles we also provide a matter of fact look at some of the challenges along the way. At a high-level the paper covers in its 35...