The IoT Security Assured scheme has been developed by the IASME Consortium
to provide an essential opportunity for manufacturers to improve the security of their IoT devices and demonstrate that they are compliant with best-practice security.
The scheme has been designed specifically to be accessible to smaller organisations,
micro-businesses, and start-ups alongside more established manufacturers.
The scheme is also a vital tool in enabling organisations to verify the security of connected devices in their own supply chain.
IoT Security Assured is aligned with the ETSI technical standard for IoT security, EN 303 645, and with the proposed UK IoT security legislation and guidance. It is also mapped to the IoTSF Security Compliance Framework.
IoT Security Assured provides assurance to your customers that their device has the most important security controls in place.
It allows your company to align with upcoming UK legislation and European standards.
It allows your company to demonstrate commitment to best-practice security for internet connected devices..
IoT Security Assured comes in two versions - Verified Self-Assessment and Audited.
IoT Security Assured Self-Assessment involves the completion of an online completion looking at the following 6 areas:
Passwords – are they unique? Can they be changed by customers?
Vulnerabilities – does your organisation address vulernabilities within its products?
Patch Management – are devices and software are kept up-to-date with the latest security patches?
Secure Configuration – are devices secured to keep hackers out?
Communications – do devices securely transmit data?
Data Management – do you provide clear guidance to customers about what data is stored and where?
There are three levels of security that a device can be certified to:
Basic is aligned with proposed UK legislation and covers the top three requirements of the ETSI standard.
Silver is aligned with the ETSI mandatory requirements and Data Protection provisions.
Gold is aligned with the ETSI mandatory requirements as well as all the additional ETSI recommended requirements and Data Protection provisions.
IoT Security Assured Audited verifies the answers provided in the self-assessment by looking at the following areas:
Interview – the IoT Security Assured assessor discusses the product and policies with the company
Documentation Review – the IoT Security Assured assessor reviews the product's and the company's documentation
Hands-on Device Security Review – the IoT Security Assured assessor reviews the physical device
Bergerode Consulting is the leading certification body in North West England
and we can help your organisation through the entire process of meeting the IoT Security Assured Self-Assessment and Audited standards.
We have extensive experience in helping organisations of all sizes and business areas with cyber security certificartion so you can rest assured that you are in safe hands.
The price for the IoT Security Assured is dependent upon the size of your vessels:
£450 ex.VAT for IoT Security Assured Self-Assessment if your organisation is a micro-business.
£500 ex.VAT for IoT Security Assured Self-Assessment if your organsation is larger.
For IoT Security Assured the price is available upon application.
These prices include 1 hour of consultancy and help. Should you require more assistance then this can be provided at a competitive price.