Tuya Smart, a leading IoT development platform service provider, was named as an exemplar of cybersecurity best-practice in the 2022 Global IoT Security White Paper.
The White Paper applauds Tuya Smart for its holistic approach to cybersecurity leadership; specifically for acquiring international third-party security certifications, establishing the Tuya Security Team, creating secure and independent data storage centers, and developing innovative security products in-house: a security-operation platform solution designed to help developers eliminate security risks, Tuya Sage, and the first IoT module of its kind with a built-in secure element (SE) and Common Criteria (CC) EAL6+ certificate, WBR3N.
The 2022 Global IoT Security White Paper was jointly prepared by the Research Center for Cyberspace International Governance (“RCGCG”) and the global standard for IoT security, ioXt Alliance. The White Paper was written with input from scholars in cybersecurity and Sino-U.S. technology at the Stimson Center, Albright Stonebridge Group, Stanford University’s Cyber Policy Center, Yale Law School, MIT Computer Science and Artificial Intelligence Center, and more. It is the first prominent white paper to focus on global IoT cybersecurity and include case studies and best practices from global IoT leaders and 12 suggested initiatives to strengthen global IoT security.
Expert in-house InfoSec team, numerous third-party certifications
The White Paper states that enterprises should focus on enhancing cybersecurity, assembling security teams, improving information-security systems, strengthening corporate-compliance capacity and eliminating IoT system security risks by perfecting management models, processes, tools and platforms.
The White Paper research group commended Tuya Smart for building an in-house security team and for partnering with top international third-party institutions. The Company’s in-house information-security team secures its data from cradle to grave, safeguarding the software development life cycle (SDLC). The information-security team creates security classification standards for smart hardware devices, compiles security-test cases to ensure the defense of the technology, and protects the code of the firm’s software during the development phase.
Also Read: WOW! Launches 1.2 Gig Speeds Across Entire Footprint
Cooperating with top international third-party institutions in security assessment and certification is a best practice in the global IoT industry. Tuya Smart has met or surpassed most global information security standards. This includes an endorsement from the well-known international organization, Information Security Organization (“ISO”) certification of SGS, BSI’s ISO27001 standard for information security system, ISO27017 standard for cloud security management system, ISO27701 standard for cloud platform privacy and security, and the Connectivity Standards Alliance (“CSA”) STAR cloud security certification. The Company is a recipient of the TrustArc’s Enterprise Privacy Certificate (EPC) and regularly partners with Rapid7, wizlynx group, ScienceSoft, Chaitin Tech, DAS-Security, and UnderDefense to test Tuya’s information security capacity with professional penetration testing.
IoT enterprises can ensure their products meet fundamental international safety standards by submitting relevant certificates. When it comes to product safety standards, Tuya Smart has passed TÜV SÜD’s EN 303645 and NIST IR 8259A certifications. In 2021, Tuya announced a partnership with ioXt Alliance to improve hardware developer security and launched a certified components program.