IoT Resources, Standards & Reference Best Practices 


White Papers, Presentation & Response to RFCs


ISTA Reference Standards & Best Practices*

  • Broadband Internet Technical Advisory Group - https://www.bitag.org
  • Consumer Reports / Digital Standard - https://www.thedigitalstandard.org/
  • Consumer Technology Association (CTA) IoT Working Group - 
    https://www.cta.tech/Membership/Member-Groups/IoT-Working-Group.aspx
  • Continental Automated Buildings Association (CABA) - www.caba.org/whitepapers
  • European Commission 

General Data Protection Directive - https://ec.europa.eu/info/law/law-topic/data-protection_en

Article 29 Working Party - http://ec.europa.eu/newsroom/article29/news.cfm?item_type=1358

Privacy Shield - https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en

  • European Consumer Union – Cybersecurity for Connected Products
    http://www.beuc.eu/publications/beuc-x-2018-017_cybersecurity_for_connected_products.pdf
  • European Union Agency for Network & Information Security (ENISA) -
    https://www.enisa.europa.eu/publications/baseline-security-recommendations-for-iot/
  • Securing Consumer Trust in IoT -
    http://www.beuc.eu/publications/beuc-x-2017-137_securing_consumer_trust_in_the_internet_of_things.pdf
  • OECD - Consumer product safety in IoT -
    https://www.oecd-ilibrary.org/science-and-technology/oecd-digital-economy-papers_20716826
  • OWASP https://www.owasp.org/index.php/IoT_Security_Guidance
  • Internet Society - IoT Initiative - https://www.internetsociety.org/iot/ & https://otalliance.org/initiatives/internet-things 
  • UK Government Secure by Design - https://www.gov.uk/government/publications/secure-by-design
  • U.S. Department of Commerce

NTIA – IoT Upgradability & Patching Initiative - https://www.ntia.doc.gov/other-publication/2016/multistakeholder-process-iot-security

NTIA Coordinated Vulnerability Disclosures - https://www.ntia.doc.gov/other-publication/2016/multistakeholder-process-cybersecurity-vulnerabilities

NIST Initiatives in IoT - https://www.nist.gov/itl/applied-cybersecurity/nist-initiatives-iot

NIST Cybersecurity Framework - https://www.nist.gov/cyberframework

NIST Interagency Report on the Status of International Cybersecurity for Standarization for the IoT (NISTIR 8200 draft) - https://csrc.nist.gov/publications/detail/nistir/8200/draft

  • U.S. Department of Homeland Security - https://www.dhs.gov/securingtheIoT
  • U.S. Federal Trade Commission

The NIST Cybersecurity Framework - https://go.usa.gov/xQqgA

Building Security into IoT - https://ftc.gov/carefulconnections

A Lesson From Uber; Secure Your Non-Production Software  - https://www.ftc.gov/news-events/blogs/techftc/2018/04/lesson-uber-secure-your-non-production-software-environments 

  • U.S Department of Justice / Consumer Technology Association - https://www.justice.gov/criminal-ccips/page/file/984001/download


Related Private Sector Tools & Services 

  • Software Development

Microsoft Security Development Lifecycle (SDL) https://www.microsoft.com/en-us/sdl

Microsoft Research - Seven Properties of Highly Secure Devices - https://www.microsoft.com/en-us/research/wp-content/uploads/2017/03/SevenPropertiesofHighlySecureDevices.pdf

Symantec IoT Reference Architecture https://www.symantec.com/solutions/internet-of-things

  • Data Breach Response Guide 

Intersections - https://www.identityguardbusiness.com/

  • Site / Server Security Scanning 

Delta Risk - https://deltarisk.com/

High Tech Bridge - https://www.htbridge.com/

Security Scorecard - https://securityscorecard.com/

  • Other 

Underwriters Laboratory (UL) https://ul.com/consumer-technology/en/industries/internet-of-things

* Resources and links are provided for reference only and are not an endorsement of the organization or their recommendations. To submit non-commercial references for review, email IoT @ agelight.com. Updated 4/13/18