PSM IT NEWS FOR 3-25-2024
FCC Adopts IoT Security Labeling Rule - Jamf Pro To be widely employed to manage the PSM Department Owned Apple / Mac Computers
FCC Adopts IoT Security Labeling Rule
(March 15, 2024)
The US Federal Communication Commission (FCC) has unanimously approved Cyber Trust Mark, a voluntary labeling program for Internet of Things (IoT) and other smart devices to show that they meet certain security standards. The Cyber Trust Mark logo will include a QR code that consumers can scan to get information about how long the device will be supported, whether it will get patches, and whether those patched will be automatically installed. (SANS NEWSBITES, 2024), (FCC, 2024)
Once companies that manufacture IoT devices start participating in this program, consumers will be able to scan that QR code to determine for how long the company will support the item with security patches. In the past consumers had to rely upon their past experiences with a company’s products and some companies were not responsive in addressing security issues. Some examples that come to mind were cheap networked security cameras, novice hackers were able to capture and decode the video stream as the encryption cipher employed was trivial. Another example was IoT digital video recorders which had vulnerabilities and were hijacked in a Mirai botnet and used for denial of service attacks against internet service providers to shut down a number of popular websites causing losses in excess of $8 Million USD. Some example IoT devices I have seen in use at MSU are climate monitoring devices, humidifiers, security cameras and specimen freezers with monitoring.
Jamf Pro to be widely employed to manage the PSM Department Owned Apple / Mac Computers
Jamf Pro is a management system for Apple macOS computers and iOS devices. With Jamf Pro, MSU IT Technicians proactively manage the entire lifecycle of all Apple devices. This includes deploying and maintaining software, responding to security threats, distributing settings, and analyzing inventory data.
Department computers configured with JAMF will be preinstalled with the minimal subset of software to ensure usability and will include Microsoft Office 365, Adobe Acrobat reader, chrome, firefox and ESET Antimalware. Computers will be configured to promptly update the operating system and applications software to manage vulnerabilities and ensure security and reliablity. Staff and Faculty will be provided administrative access to install other work related software and change settings at will on their own.
If your computer is not on JAMF and you would like it to be managed in JAMF please email psmit.support@msu.edu
References
- SANS NewsBites Vol. 26 Num. 21, The rest of this Weeks News, FCC Adopts IoT Security Labeling Rule, March 15, 2024.
- FCC Creates Voluntary Cybersecurity Label Program for Smart Products. March 14, 2024 https://www.fcc.gov/document/fcc-creates-voluntary-cybersecurity-label-program-smart-products