Senators Want More Secure IoT Devices for the Government

Internet of things app developers are excited about the possibilities generated by our current IoT boom (and about their potential to make a whole heap of money). Worldwide IoT spending is expected to reach $1.4 trillion by 2021, but not everything is rosy in the world of connected devices. Events like last year’s Mirai botnet attack have raised concerns both legitimate and hysterical about the security of the internet of things. There are many small and relatively simple fixes that could improve security in the IoT sphere, but they have yet to be adopted on a mass scale. Fortunately, some U.S. lawmakers are starting to take notice of the flaws in IoT security and are trying to do something about it.

Senators Mark Warner (D-VA) and Cory Gardner (R-CO) are bringing the Internet of Things Cybersecurity Improvement Act of 2017 before the Senate this week. Just like everyone else under the sun, the government is buying and using many internet of things devices. As the number of connected devices in use in government offices grows, so have worries about their security. Warner and Gardner’s law seeks to put in place basic cybersecurity standards that most IoT app developers should be able to stand behind. While their law only involves IoT devices sold to the U.S. government, their hope is that the federal government, with its $95 billion allowance for tech spending, will influence security features on consumer IoT devices.

One of the major requirements the lawg insists on is that all IoT devices used by the government should have regular security updates. This seems like common sense, but as Chicago IoT app developers know, most tech companies do not include such a basic security feature. Warner and Gardner also want to get rid of the hard-coded, easily hackable passwords that supposedly protect most IoT devices. As Warner told the reporters at Recode, “You’ve got to constantly be upgrading your game. And what we’re saying with Internet of Things devices is, if you’ve got hard-coded passwords or they’re not able to be patched, because they’re cheaper or smaller devices, that can’t be standard protocol.” Let’s hope that this bipartisan bill gets through Congress and ushers in a new era of IoT security.