The GSMA has issued new guidelines intended to promote the secure development and deployment of services in the growing IoT market.
Developed in consultation with the mobile industry, the GSMA IoT security guidelines offer IoT providers and other players in the IoT ecosystem practical advice on tackling common cybersecurity threats, as well as data privacy issues associated with IoT services.
The project has received the backing and support of the mobile industry, including mobile operators AT&T, China Telecom, Etisalat, KDDI, NTT DoCoMo, Orange, Telefónica, Telenor and Verizon and vendor and infrastructure partners 7Layers, Ericsson, Gemalto, Morpho, Telit and u-blox.
“As billions of devices become connected to the Internet of Things, offering innovative and interconnected new services, the possibility of potential vulnerabilities increases,” said Alex Sinclair, Chief Technology Officer, GSMA.
“These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and an appropriate mitigating technology is deployed.”
Aside from helping service providers build secure services by outlining technologies and methods to address potential threats, the guidelines also establish the need for risk assessment of all components of an IoT service to ensure they are designed to securely collect, store and exchange data and successfully mitigate cyber security attacks.
The guidelines recently completed a thorough industry consultation with academics, analysts and other industry experts.
"To allow the Internet of Things to take off on its predicted trajectory, security and privacy must be adopted throughout the ecosystem and built-in from the start,” Telenor Connexion CISO Jimmy Johansson said.
“These guidelines will help both start-ups and established companies to implement security and privacy into their processes in order to provide secure services and products.”