It’s important to know what is in the food we eat, and in much the same way, it is also important that we know about the technology we use on a daily basis. A recent initiative is striving to place labels similar to those found for nutrition on Internet of Things devices to help consumers make better choices about their technology acquisitions.
Nutrition labels are designed to protect consumers, and so too are these Internet of Things labels proposed by the National Institute of Standards and Technology. NIST held a workshop titled “Workshop on Cybersecurity Labeling Programs for Consumers: Internet of Things (IoT) Devices and Software” in response to the Biden administration’s calls for greater transparency and communication in terms of applications and connected devices. Government agencies, private companies, and academics are all striving to implement policies and programs that can lead to standards for Internet of Things technology with the optimistic goal of having standards set by as early as next year.
The first challenge, however, is figuring out what should be placed on the label.
In the exact words of the executive order, this program must “initiate pilot programs informed by existing consumer product labeling programs to educate the public on the security capabilities of Internet-of-Things (IoT) devices and software development practices, and shall consider ways to incentivize manufacturers and developers to participate in these programs.”
Don’t ignore the word “consumer” in that description, as it’s likely these labels will be more tailored to your average consumer products rather than your business products. Still, your average consumer and business owner do have some interests in common, chief among them being security, so these labels should help somewhat when making technology decisions.
Still, this assumes that people know what they are looking for (and looking at) on the nutrition labels. While it’s good information to give to the user or consumer, it only matters if it helps them make a decision. If the label is confusing and hard to read, then no one will get value out of it.
It’s unlikely that these labels will contain information that dives too deep, at least at first. They will only have the most basic security information to start off. However, even a vague idea of an Internet of Things device’s security standards can be helpful and make a difference for consumers, with the security implications for businesses being even greater.
What are your thoughts on the matter? Would you take a look at a security nutrition label if you saw one on a device you are about to buy? Leave your thoughts in the comments below.
Sam is a network engineer with a broad range of experience spanning more than 35 years. He wrote is first piece of code in 1979 and has been involved with the industry ever since. For the last 20 years, he has worked for SCW Consulting where he has embraced his passion for network technology and security.
Mobile? Grab this Article!