Leveraging the CSA IoT Controls Framework, the users will be able to allocate system classification, depending on the value of data that is being stored and processed
The Cloud Security Alliance (CSA), a leading organisation dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, released the CSA Internet of Things (IoT) Controls Framework. This is first such framework for IoT that introduces the base-level security controls needed to lessen several risks related to an IoT system, which are operating in threat environment range.
Developed by the CSA IoT Working Group, the new framework, along with Guide to the CSA IoT Controls Framework, offers companies with the background in which they can evaluate and deploy an enterprise IoT system that includes multiple types of connected devices, networking technologies and cloud services.
Commenting on the development, Brian Russell, chair of the CSA Internet of Things Working Group, said, “This has been quite an intense and involved effort and we are excited to offer the IoT Controls Framework as a resource for designers and developers, who are tasked with creating secure IoT systems and other evaluators of IoT systems.”
Useful for designers and developers
“Designers and developers can use this tool to continually evaluate the security of their implementation as they progress through the development life cycle. The tool offers a holistic evaluation of an IoT system to ensure it meets industry-specified best practices,” he added.
Leveraging the new framework, the users will be able to allocate system classification, depending on the value of data that is being stored and processed, and the possible impact of several types of physical security threats.
Irrespective of the value assigned, the CSA IoT Controls Framework has utility across multiple domains of IoT from the systems that are processing only ‘low-value’ data with limited impact potential to the highly sensitive systems supporting critical services.