Strengthening Product Security: A Smart Move for Consumers

In an era where smart devices permeate our daily lives, ensuring their security is paramount. Weak passwords and vulnerabilities pose significant risks. The implementation of the Product Security & Telecommunications Infrastructure Act (PSTI) aims to address these concerns, bolstering consumer confidence and fortifying digital safety.

A smart speaker n the centre of the image with a purple and pink light drenched over it

Smart devices like doorbells, TVs, baby monitors, and routers have become commonplace in our homes. However, without robust protection, these everyday gadgets pose security risks. To increase consumer confidence and protection, a new product security law came into force on Monday 29 April, the Product Security & Telecommunications Infrastructure Act (PSTI).

The Risk of Weak Passwords

Weak passwords stand out as a major vulnerability for internet-enabled devices. A 2022 investigation by Which?* revealed that commonplace smart devices, including fitness trackers and mobile phones, face thousands of hacking attempts weekly. Regardless of product security measures, relying on default or easily guessable passwords like 'admin123' or '12345678' creates an open invitation for hackers to exploit the technology.

Compliance with the PSTI Act mandates manufacturers to:

  • Ensure the security of devices.
  • Encourage users to adopt strong passwords during setup.
  • Establish accessible channels for users to report security bugs or vulnerabilities.

Non-compliant products risk recall and hefty fines for the companies involved. The overarching goal is to relegate weak passwords and associated vulnerabilities to history.

Key Points About PSTI

Manufacturers of smart devices should familiarise themselves with the guidelines provided by:

Consumers are advised to:

  • Immediately change default passwords to strong alternatives when acquiring wearable, domestic, or business technology.
  • Utilise password manager tools for secure password storage, reducing the risk of forgetting login details and reliance on weak passwords. We recommend using a free password manager tool, this keeps your list of passwords securely stored, so you never forget your login details and can avoid the risk of weak passwords.

In the event of a device breach, promptly inform the manufacturer and contact OPSS via email at OPSS.enquiries@businessandtrade.gov.uk. Sharing such incidents aids in patching vulnerabilities and preventing others from encountering similar issues.

IT Security 

There are always new steps to take in the dance with technology and if you have concerns about business IT security, services help you keep pace. From assessing your current setup to ongoing and proactive IT security support, we’ve got your back.

 

 

Sign Up To Our TechMoves Newsletter