Without security, the Internet of Things will cease to exist. Security by Design – embedding security from the beginning – can minimize the risk of destroyed reputations and costly remediation. IoT companies will need to take action now to shield their solutions from cyberattacks and safeguard customer data, if they are to protect their reputation as a provider of secure devices and services.
SCS IoT Security Assessment provides a flexible framework that addresses the diversity of the IoT market, enabling companies to build secure IoT devices and solutions as laid out in the SCS IoT Security Guidelines, a comprehensive set of best practices promoting the secure end-to-end design, development and deployment of IoT solutions.
Building on the extensive expertise of the mobile industry, gained from decades of providing secure, trusted and reliable products and services, the SCS IoT Security Assessment scheme ensures Security by Design and enables companies to identify and mitigate any potential security gaps in their services, allowing the market to scale to its full potential.
The Key Attack Surface:
|Device Physical Interfaces|
|Device Web Interface||Standard set of web application vulnerabilities, see:|
|Device Firmware||Sensitive data exposure (See OWASP Top 10 – A6 Sensitive data exposure):|
|Device Network Services|
|Administrative Interface||Standard set of web application vulnerabilities, see:|
|Local Data Storage|
|Cloud Web Interface||Standard set of web application vulnerabilities, see:|
|Third-party Backend APIs|
|Vendor Backend APIs|