UK govt introduces security requirements for all IoT devices – Telecompaper
Under the law, all consumer smart devices in the UK will have to comply to three security requirements for the Internet of Things (IoT). Firsly, all consumer internet-connected device passwords will have to be unique and not resettable to any universal factory setting. Secondly, manufacturers of consumer IoT devices will have to provide a public point of contact where anyone can report a vulnerability, so that action can be taken in a timely manner. Finally, manufacturers of consumer IoT devices will have to clearly state, at the point of sale, the minimum length of time for which the device will receive security updates, whether the device is bought in a store or online.