The government of Australia recently released a draft Code of Practice for securing the Internet of Things (IoT) devices. The government stated the draft, Voluntary Code of Practice: Securing the Internet of Things for Consumers, is under public consultation running until March 1, 2020.
It’s said that the Code of Practice will apply to all IoT devices available in Australia, including smart TVs, smartwatches, speakers, and other smart devices.
“Many of these devices have poor cybersecurity settings, leaving Australians vulnerable to cyber- attacks. Cyber-attacks can have serious privacy and security consequences for individuals, our economy and national security. We need to act now to address the cybersecurity risks,” the government said in a statement.
“The Government expects devices are designed with basic cybersecurity features so that Australian consumers can work and live securely online,” the statement added.
The Code of Practice is based on thirteen principles which include:
- No duplicated default or weak passwords
- Implement a vulnerability disclosure policy
- Keep software securely updated
- Securely store credentials
- Ensure that personal data is protected
- Minimize exposed attack surfaces
- Ensure communication security
- Ensure software integrity
- Make systems resilient to outages
- Monitor system telemetry data
- Make it easy for consumers to delete personal data
- Make installation and maintenance of devices easy
- Validate input data
The government stated the draft is its initial step to improve the security of IoT devices in the country. It helps raise awareness of security safeguards associated with IoT devices, build consumer confidence in IoT technology, and allow Australians to obtain the benefits of IoT adoption.
“This Code of Practice is a voluntary suite of measures that the Australian Government recommends for the industry as the standard for IoT devices. The Australian Government will continue to work with industry to provide better protection for consumers, including through complementary initiatives to lift security in IoT devices for consumers and specific higher-risk sectors,” the statement added.
Recently, the Australian government announced that it’s going to spend AU$8.5 million to create a national freight data hub. The government stated the new data hub helps businesses and governments make better operational decisions.
“A well-designed hub will improve access to and sharing of valuable freight location and performance data,” said Michael McCormack, the Deputy Prime Minister of Australia.
The funding will be divided into two parts, in which AU$5.2 million will be allocated for designing the national freight data hub, including arrangements for data protection, data collection, confidentiality, dissemination, and hosting. And the remaining AU$3.3 million will be used to establish a freight data exchange pilot.