The government of Australia has released the first version of its IoT Code of practice. This voluntary code is aimed at the IoT industry. It outlines 13 security principles that represent the standards for IoT devices that are needed to follow by device manufacturers, IoT service providers, and application developers.
The document is comprised of 7 pages and includes brief recommendations for data storage, password standards and a requirement to establish a vulnerability disclosure policy. The vulnerability disclosure policy should include a public point of contact for reporting vulnerabilities and that they are acted on in a “timely manner”. (…)
What are its 13 Principles?