GSMA announces security guidelines for IoT

10 February 2016 |


The GSMA has released a set of security guidelines for the deployment of the internet of things (IoT).

The document was developed through consultation with operators such as AT&T, China Telecom, Etisalat, KDDI, NTT DoCoMo, Orange, Telefonica, Telenor and Verizon and vendors like Ericsson, Gemalto, Morpho, Telit and u-blox.

As billions of devices become connected in the internet of things, the possibility of potential vulnerabilities increases, noted Alex Sinclair, chief technology officer of the GSMA. “These can be overcome if the end-to-end security of an IoT service is carefully considered by the service provider when designing their service and an appropriate mitigating technology is deployed. A proven and robust approach to security will create trusted, reliable services that scale as the market grows,” he said.

The GSMA’s IoT security guidelines – developed through the GSMA Connected Living programme – is said to be designed for all players in the IoT ecosystem, including service providers, device manufacturers and developers. 

In addition to helping service providers build secure services by outlining technologies and methods to address potential threats, the guidelines are also designed to establish the need for risk assessment of all components of an IoT service. 

Don A. Bailey, founder and CEO of Lab Mouse Security, said: “It is imperative that the industry adopts a standard approach for dealing with security risks and mitigations, helping to ensure that the entire IoT ecosystem will not be subject to fraud, exposures of privacy, or attacks that affect human life.”