Finland rolls out IoT labeling system with an aim to increase the safety of smart devices

• The initiative has been taken with an aim to help inform consumers of the IoT products that meet digital safety standards.
• To promote in a better way, a website that includes the procedures on how to certify IoT devices is also available for vendors.

Finland has become the first European country to issue cybersecurity labels for IoT devices. The initiative has been taken with an aim to help inform consumers of the IoT products that meet digital safety standards.

Seal of approval

The labeling initiative, which was in the process late last year, has been designed to adhere to Finland’s cybersecurity safety guidelines.

By introducing the labeling system, Traficom, the Finnish Transport and Communications Agency, aims to raise consumer awareness of information security and the safe use of connected devices.

To promote in a better way, a website that includes the procedures on how to certify IoT devices is also available for vendors.

IoT security requirements

The National Cyber Security Center Finland (NCSC-FI) was responsible for developing criteria for security standards and certifications for IoT devices. The security specifications implemented by Finland are issued by the European standards agency, ETSI.

An internet-connected device passes the labeling system if it includes safe default settings, access control, and secure data transfer and storage, to name a few.

Awareness campaign

In the first half of 2019, several unpatched IoT devices were found to be increasingly targeted in malware campaigns. Lack of secure-by-default features such as reliance on factory-set passwords is said to be a continuing concern among both consumer and enterprise-grade IoT products. Hence, it is very necessary to disseminate security certificates of IoT products.