cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

A first step in IoT security

California has passed a law mandating security for all IoT/Internet of Things/"connected devices."

 

So far it only covers passwords, so there is some considerable room to grow, but at least it's a first step.

 

The test of the bill is available here.


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
1 Reply
ckdiii
Newcomer I

It's a start but not a lot of teeth in this law. One of the real challenges is teaching end users how to securely implement IoT on their home or business networks. The network team at most companies know better than to have a flat network but most home users have a large and growing number of IoT devices on the same network as their more sensitive systems.

 

I wrote an article on basic network segmentation. Of course this is aimed at readers who are technically limited and don't understand vlans and likely wouldn't have that type of hardware at home.

 

https://www.ckd3.com/blog/2018/10/15/home-network-segmentation-a-must-in-the-iot-era