In response to the U.S. government’s proposed Cyber Trust Mark and taking action to improve cybersecurity standards for common smart home devices, Crestron has published a blog detailing the company’s support for enhanced cybersecurity in IoT devices and its own security practices.
The blog is in response to the Federal Communication Commission’s proposed U.S. Cyber Trust Mark, which will essentially certify that a consumer IoT device meets cybersecurity standards defined by the government.
Crestron ultimately calls the program a positive. Although the company only sells its residential products through its network of integrators, there are thousands of other manufacturers who sell direct to consumers online or in retail stores. Urging other manufacturers–some of which sell both direct and through the channel–to do the same or risk being labeled as not secure will help the entire smart home industry, the company says.
“As far as Crestron’s concerned, this is a rising tide that will lift all boats,” the company writes in a new blog. “A well-planned effort to focus manufacturers on security issues will inspire greater confidence in smart home solutions as a whole and be a benefit to consumers and the entire industry.”
The governmental Cyber Trust Mark program seeks to raise the bar for cybersecurity across several categories of smart home devices, including smart refrigerators, smart microwaves, smart TVs, smart climate control systems, smart fitness trackers and more.
According to the Biden Administration, several major manufacturers, retailers and trade associations have already made voluntary commitments to increase cybersecurity for their smart home products, including Amazon, Best Buy, Carnegie Mellon University, CyLab, Cisco Systems, Connectivity Standards Alliance, Consumer Reports, Consumer Technology Association, Google, Infineon, the Information Technology Industry Council, IoXT, KeySight, LG Electronics U.S.A., Logitech, OpenPolicy, Qorvo, Qualcomm, Samsung Electronics, UL Solutions, Yale and August U.S.
In the company’s blog, Crestron lays out its own security program, which it boasts as being very robust. The company’s devices can be found at all levels of the government, so devices are built with security in mind and are subject to extensive testing. Essentially, Crestron’s security practices are more robust than many other AV manufacturers, especially ones that sell direct to consumers.
The company also says it makes available resources and documentation, such as Security Reference Guides, to help customers, dealers and integrators in understanding the options for secure installation of individual devices.
The company boasts approvals from the Joint Interoperability Test Command (JITC) of the U.S. Department of Defense Information Systems Agency (DISA) and have been added to the Unified Capabilities (UC) Approved Products List (APL). Crestron also offers AV-over-IP solutions that have received Common Criteria Certification granted by the National Information Assurance Partnership (NIAP).
In addition, Crestron maintains a security disclosure program, publicly available on its website, that lists disclosed vulnerabilities in its products. Anyone can present Crestron with evidence that its products contain a vulnerability, and the company says it will respond, investigate and fix the problem with a patch if necessary.
In a statement in the blog, Brad Hintze, executive vice president of global marketing at Crestron, says the company is excited to see how the Cyber Trust Mark program will evolve, calling it a “step in the right direction.”
“Crestron will continue to monitor developments as more details about the U.S. Cyber Trust Mark program become available,” says Hintze. “In the interim, we will continue to strive to bring secure products to market to meet our customers’ needs. It’s yet another aspect of our commitment to best-in-class quality.”
The FCC is now seeking public comment on the proposed program.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!