Information security policies
ISO/IEC 27402


Search this site
 

Security awareness content

ISO/IEC 27402 — Cybersecurity — IoT security and privacy — Device baseline requirements [DRAFT]

 

Introduction

This project is documenting the common but basic security features expected of IoT devices, enabling the IoT security controls documented in ISO/IEC 27030. A unique (and ideally immutable and verifiable!) device identifier is an example, plus a ‘factory reset’ function. It is anticipated that additional security controls will be required (and may be defined in further standards) for specific applications (e.g. medical things).
 

Scope of the standard

The standard is intended to specify a ‘baseline’ or platform for ‘IoT devices’ [things] supporting information security and privacy controls.
 

Content of the standard

TBA
 

Status

The standard is at 1st Working Draft stage.
 

Personal notes

Errr, watch this space.
 

< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2020 IsecT Ltd.