According to the organisation, it released the document - ETSI EN 303 645 V3.1.3 (2024-09) – in response to “growing concern” around increased adoption of IoT devices by consumers.
Key features include ‘baseline provisions’ to establish fundamental security requirements, guidance for implementation, compliance with GDPR and future-proofing. Devices covered in the document include smart home assistants, connected appliances, health trackers and more.
Discussing the move, a spokesperson for ETSI said: “As more household devices connect to the internet, safeguarding personal data has become a paramount issue for manufacturers and consumers alike. The document emphasises outcome-focused provisions, steering clear of overly prescriptive measures.”
ETSI general director Jan Ellsberger said: “Consumers are increasingly dependent on connected devices for secure transactions, making it crucial for manufacturers to earn that trust, prioritising security by design. These guidelines aim to address the most significant vulnerabilities.
“I am confident that they help create a safer IoT ecosystem, so long as we remain vigilant, knowing full well that this work is never ‘done’."
