Page 89 - Trust in ICT 2017
(3) All personally identifiable data types and attributes must be clearly disclosed by the inventor.
Examples of such vital and personal information include physical location, medical information (heart rate, pulse and blood pressure) and user profile information.
(4) Any default personal data sharing must be limited to third parties/service providers who agree to confidentiality and to limit their use of the data to specified purposes.
Any sharing of personal data with third parties for other purposes must be disclosed and requires an agreement, including an explanation of the nature and scope of the data shared and any limitations on the use of the data.
(5) The term and duration of the data retention policy must be disclosed.
Data may be retained for as long as the customer uses the product or service and must be deleted upon account termination or expiration.
(6) The manufacturer must inform users of any ability to remove personal and sensitive data (other than purchase transaction history) upon discontinuing device use, loss, damage, sale or device end-of-life.
This option should be provided at no charge.
(7) Personally identifiable and sensitive data must be encrypted or hashed when stored in databases and when transmitted over any available communication method.
The goal is end-to-end encryption for all personal data. For direct wired connections this is not mandatory; currently available encryption technologies can be applied to protect the integrity of the data being communicated.
(8) Default passwords must either be uniquely generated or the user must be prompted to reset or change them on first use.
Best practice is to use separate credentials for administrative and user access wherever possible, and password reuse must be avoided. Randomly generated passwords are further encouraged.
(9) All user sites must adhere to SSL best practices, verified using industry standard testing mechanisms.
A minimum site score of 90% is expected.
(10) By default, all device sites and cloud services must use HTTP over SSL (HTTPS) encryption.
This is generally known as Always On Secure Sockets Layer (AO SSL) or HTTPS everywhere.
(11) Manufacturers must conduct penetration testing of devices, applications and services.
The goals of penetration tests are to determine the feasibility of a particular set of attack vectors; to identify high-risk vulnerabilities that arise from a combination of lower-risk vulnerabilities exploited in a particular sequence; to identify vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software; to assess the magnitude of potential business and operational impacts of successful attacks; to test the ability of network defenders to detect and respond to attacks; and to provide evidence to support increased investment in security personnel and technology.
(12) If there are any weaknesses in the product, manufacturers must be able to rectify them promptly and reliably, either through remote updates and/or through consumer notifications and instructions.
Wherever this is not possible, the manufacturer must inform the user in advance. Alternatives could be device replacement or manufacturer upgrade, product recall, or on-site service for connected home devices.
(13) Manufacturers must provide secure recovery mechanisms for passwords.
Recommendations include multi-factor verification (e-mail and phone, etc.) and lockout capability after multiple failed sign-on attempts, among others.
(14) Devices must provide a visible indicator or require user confirmation when pairing or connecting with other devices.
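One way a device login could satisfy items (7), (8) and (13) together, as an added illustration that is not part of this document: a per-device random default credential that must be changed on first use, stored only as a salted hash, with lockout after repeated failed sign-on attempts. The DeviceAccount class, the lockout threshold and the lockout duration are assumptions chosen for the example.

```python
import hashlib, hmac, os, secrets, string, time

LOCKOUT_THRESHOLD = 5      # failed sign-on attempts before lockout (assumed policy value)
LOCKOUT_SECONDS = 15 * 60  # lockout duration in seconds (assumed policy value)

def generate_unique_default_password(length=16):
    """Per-device random initial credential (item 8): never a shared factory default."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))

def hash_password(password, salt=None, iterations=200_000):
    """Keep only a salted PBKDF2-HMAC-SHA256 digest at rest, never the password (item 7)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "digest": digest, "iterations": iterations}

class DeviceAccount:
    """Hypothetical account record for one device login (items 8 and 13)."""
    def __init__(self, clock=time.time):
        self.clock = clock                # injectable so lockout expiry can be tested
        self.must_change_password = True  # default credential must be replaced on first use
        self.failed_attempts = 0
        self.locked_until = 0.0
        self.initial_password = generate_unique_default_password()
        self.record = hash_password(self.initial_password)
    def is_locked(self):
        return self.clock() < self.locked_until
    def verify(self, password):
        """Return 'ok', 'change_required', 'denied' or 'locked'; lock after repeated failures."""
        if self.is_locked():
            return "locked"
        r = self.record
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), r["salt"], r["iterations"])
        if hmac.compare_digest(candidate, r["digest"]):
            self.failed_attempts = 0
            return "change_required" if self.must_change_password else "ok"
        self.failed_attempts += 1
        if self.failed_attempts >= LOCKOUT_THRESHOLD:
            self.locked_until = self.clock() + LOCKOUT_SECONDS
            self.failed_attempts = 0
            return "locked"
        return "denied"
    def change_password(self, old, new):
        """Replace the credential; reject reuse of the old one and short passwords (assumed rule)."""
        if self.verify(old) not in ("ok", "change_required") or new == old or len(new) < 12:
            return False
        self.record = hash_password(new)
        self.must_change_password = False
        return True
```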