ETSI Cyber Security for Consumer Internet of Things
Description | ||
4.1 | No universal default passwords | I1 Weak, Guessable, or Hardcoded Passwords |
4.2 | Implement a means to manage reports of vulnerabilities | N/A |
4.3 | Keep software updated | I4 Lack of Secure Update Mechanism I5 Use of Insecure or Outdated Components |
4.4 | Securely store credentials and security-sensitive data | I1 Weak, Guessable, or Hardcoded Passwords I7 Insecure Data Transfer and Storage |
4.5 | Communicate securely | I7 Insecure Data Transfer and Storage |
4.6 | Minimize exposed attack surfaces | I1 Weak, Guessable, or Hardcoded Passwords I2 Insecure Network Services I3 Insecure Ecosystem Interfaces I5 Use of Insecure or Outdated Components I9 Insecure Default Settings I10 Lack of Physical Hardening |
4.7 | Ensure software integrity | I4 Lack of Secure Update Mechanism |
4.8 | Ensure that personal data is protected | I6 Insufficient Privacy Protection |
4.9 | Make systems resilient to outages | N/A |
4.10 | Examine system telemetry data | I8 Lack of Device Management |
4.11 | Make it easy for consumers to delete personal data | I6 Insufficient Privacy Protection |
4.12 | Make installation and maintenance of devices easy | I9 Insecure Default Settings |
4.13 | Validate input data | I3 Insecure Ecosystem Interfaces |
Last updated