About

With the evolution of the “Internet of Things” it became evident that a globally applicable certification framework was required to ensure vendors security claims were valid, and their IoT products met general security baseline principles for IoT as set by Governments and International Standards bodies, such as ETSIENISA and NIST.

In 2017 Enex, formerly the RMIT University Testing Laboratory, Australia, continued R&D on a project that was commenced in the Enex (UK) Lab in 2006. That work involved a government initiated (Cabinet Office & Home Office) assurance programme focused on the independent evaluation, validation and certification of vendors claims about the electronic security of their products. 

In late 2019 the UK, US, Canada, Australia and New Zealand, collectively known as the Five Eyes (FVEY) released a joint statement of intent regarding the security of the Internet of Things. Acknowledging that the lack of security in IoT devices is a global issue, expecting manufacturers to incorporate security-by-design, and actively seek out opportunities to enhance trust and raise awareness of security safeguards associated with IoT devices in those respective nations. 

In 2020 the research IP was transferred to Security Mark P/L for the purpose of licensing a number of cyber security and information assurance technology related marks, covering areas such as Information Technology, Communications Technology and the Internet of Things.

The governance, policies and procedures that comprise the IoT Security Trust Mark™ Certification and Labelling scheme were formalised and the program licenced and organisation launched by IoT Security Mark P/L.

The global IoT Security Trust Mark™ certification and labelling scheme supports the IoT Security objectives stated by FVEY.

The scheme provides assurance to purchasers of IoT products who seek the IoT Security Trust Mark label that the claims vendors are making in their Vendors Claims Document (VCD) about their product security have been independently verified by an Accredited Test Facility (ATF) along with meeting Baseline IoT security Requirements (BRs) as set by Standards Bodies and Governments, and certified by a Decision Authority (DA). 

In addition to ATFs and DAs, the scheme is supported internationally by Affiliates and Host Country Associations (HCAs) who are third party groups who seek to drive the adoption of safe and secure IoT in their regions and territories. Through awareness raising and engagement with Government, Industry and Consumers.

Enquire today about becoming an IoT Security Trust Mark™ Affiliate, Host Country Association (HCA), Decision Authority (DA), or an Accredited Test Facility (ATF).