Consumer Reports Calls for IoT Manufacturers to Raise Security Standards
A letter to 25 companies says Consumer Reports will change ratings to reflect stronger security and privacy standards.
Consumer Reports has issued a letter to 25 connected camera manufacturers, urging them to adopt stronger security and privacy measures for cameras, doorbells, and security systems.
The letter is directed to companies including ADT/LifeShield, Guardzilla, Honeywell Home, Google/Nest, Ring, SimpliSafe, TP-Link, and Samsung SmartThings. In it, Consumer Reports' Policy Counsel Katie McInnis requests clarifications on the steps manufacturers are taking to prevent hacks and unauthorized access to devices and systems following a series of recent incidents in which connected cameras were used to harass people in their homes.
"Connected devices such as cameras are increasingly being used in the private sphere of the home and collect highly sensitive information including voice and visual recordings of the home and the area immediately around a private residence," she writes. As consumers learn of attacks on home systems, she adds, they have grown more concerned with privacy than cost.
Consumer Reports' product ratings will continue to change to reflect the security and privacy standards it believes are necessary to protect users. Companies are urged to adopt stronger measures: automatic software/firmware updates enabled by default; protection for credential stuffing and reuse; requirement for multifactor authentication and more secure passwords; and inclusion of a visible indicator when cameras are active are a few suggestions that the letter offers.
Device makers are requested to submit which security practices they have implemented, and which additional measures they plan to use in the future, and by which date, by January 27.
Read the full letter here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "6 Unique InfoSec Metrics CISOs Should Track in 2020."
About the Author
You May Also Like
The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024