ETSI Cyber Security for Consumer Internet of Things
4.1
No universal default passwords
I1 Weak, Guessable, or Hardcoded Passwords
4.2
Implement a means to manage reports of vulnerabilities
N/A
4.3
Keep software updated
I4 Lack of Secure Update Mechanism I5 Use of Insecure or Outdated Components
4.4
Securely store credentials and security-sensitive data
I1 Weak, Guessable, or Hardcoded Passwords I7 Insecure Data Transfer and Storage
4.5
Communicate securely
I7 Insecure Data Transfer and Storage
4.6
Minimize exposed attack surfaces
I1 Weak, Guessable, or Hardcoded Passwords I2 Insecure Network Services I3 Insecure Ecosystem Interfaces I5 Use of Insecure or Outdated Components I9 Insecure Default Settings I10 Lack of Physical Hardening
4.7
Ensure software integrity
I4 Lack of Secure Update Mechanism
4.8
Ensure that personal data is protected
I6 Insufficient Privacy Protection
4.9
Make systems resilient to outages
N/A
4.10
Examine system telemetry data
I8 Lack of Device Management
4.11
Make it easy for consumers to delete personal data
I6 Insufficient Privacy Protection
4.12
Make installation and maintenance of devices easy
I9 Insecure Default Settings
4.13
Validate input data
I3 Insecure Ecosystem Interfaces
Last modified 2yr ago
Copy link