{"id":7861,"date":"2019-10-14T13:35:04","date_gmt":"2019-10-14T12:35:04","guid":{"rendered":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/"},"modified":"2019-10-14T13:35:04","modified_gmt":"2019-10-14T12:35:04","slug":"clp-17-gsma-iot-security-assessment-checklist-v3-0","status":"publish","type":"gsma_theme_resources","link":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/","title":{"rendered":"GSMA IoT Security Assessment Checklist"},"content":{"rendered":"<p>Without security, the Internet of Things will cease to exist. To enable a secure market, companies have to take responsibility to embed security from the beginning and at every stage of the IoT value chain.<\/p>\n<p>The GSMA, together with the mobile industry, has devised a range of valuable resources providing guidance and expertise to help companies with the challenge of securing the connected future. The set of IoT security guideline documents includes 85 detailed recommendations for the secure design, development and deployment of IoT services<\/p>\n<p><strong>Audience<\/strong>: Risk practitioner, Technical security practitioner<\/p>\n<p><strong>Resource technology specifics:<\/strong> Internet of Things (IoT)<\/p>\n<p><strong>Resource type:<\/strong>\u00a0Guideline<\/p>\n<p><strong>Resource enforcement:<\/strong>\u00a0Voluntary<\/p>\n<p><strong>Resource certification type:<\/strong>\u00a0Self-assessment<\/p>\n<table width=\"822\">\n<tbody>\n<tr>\n<td width=\"960\"><strong>Advantage<\/strong><\/td>\n<td width=\"960\"><strong>Disadvantage<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"960\">\n<ul>\n<li>The guidelines cover networks as well as IoT service and endpoint ecosystems<\/li>\n<li>Address security challenges, attack models and risk assessments<\/li>\n<li>Provide several worked examples<\/li>\n<li>Provide a flexible framework that addresses the diversity of the IoT market<\/li>\n<\/ul>\n<\/td>\n<td width=\"960\">\n<ul>\n<li>Not widely embedded in the IoT Supply Chain<\/li>\n<li>Self-assessment<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<span class=\"shortcode_button_wrapper\"><a class=\"shortcode_button gsmacolor_red size_medium\" href=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/internet-of-things\/iot-security\/\" target=\"_blank\">Read more about GSMA IoT Security<\/a><\/span>\n","protected":false},"excerpt":{"rendered":"<p>Without security, the Internet of Things will cease to exist. To enable a secure market, companies have to take responsibility to embed security from the beginning and at every stage of the IoT value chain. The GSMA, together with the mobile industry, has devised a range of valuable resources providing guidance and expertise to help [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"template":"","meta":{"image":null,"json":{"gsma_resources_type":"Data","gsma_resources_thumb":"[]","gsma_resources_file":"[]","gsma_resources_multi":null,"gsma_resources_wgr":null,"gsma_resources_video":null,"gsma_resources_image":"[]","gsma_resources_url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/internet-of-things\/iot-security\/","gsma_resources_date":"30-09-2018","gsma_resources_button":"Read"}},"tags":[],"resource_categories":[498,499,500,501,502,503,504,505],"algolia_discover_type":[1553],"class_list":["post-7861","gsma_theme_resources","type-gsma_theme_resources","status-publish","hentry","resource_categories-build-phase","resource_categories-concept-phase","resource_categories-decommissioning-phase","resource_categories-delivery-phase","resource_categories-deployment-phase","resource_categories-design-and-development-phase","resource_categories-operational-phase","resource_categories-procurement-phase","algolia_discover_type-resource"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.3 (Yoast SEO v24.3) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>GSMA IoT Security Assessment Checklist - Security<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"GSMA IoT Security Assessment Checklist - Security\" \/>\n<meta property=\"og:description\" content=\"Without security, the Internet of Things will cease to exist. To enable a secure market, companies have to take responsibility to embed security from the beginning and at every stage of the IoT value chain. The GSMA, together with the mobile industry, has devised a range of valuable resources providing guidance and expertise to help [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/\" \/>\n<meta property=\"og:site_name\" content=\"Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"GSMA IoT Security Assessment Checklist - Security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/","og_locale":"en_GB","og_type":"article","og_title":"GSMA IoT Security Assessment Checklist - Security","og_description":"Without security, the Internet of Things will cease to exist. To enable a secure market, companies have to take responsibility to embed security from the beginning and at every stage of the IoT value chain. The GSMA, together with the mobile industry, has devised a range of valuable resources providing guidance and expertise to help [&hellip;]","og_url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/","og_site_name":"Security","twitter_card":"summary_large_image","twitter_misc":{"Estimated reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/","name":"GSMA IoT Security Assessment Checklist - Security","isPartOf":{"@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website"},"datePublished":"2019-10-14T12:35:04+00:00","dateModified":"2019-10-14T12:35:04+00:00","inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/gsma_resources\/clp-17-gsma-iot-security-assessment-checklist-v3-0\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/#website","url":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/","name":"Security","description":"GSMA Security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"}]}},"cats":[{"term_id":1591,"name":"Airtel","slug":"airtel","term_group":0,"term_taxonomy_id":1591,"taxonomy":"resource_categories","description":"","parent":1590,"count":0,"filter":"raw"},{"term_id":1600,"name":"APAC","slug":"apac","term_group":0,"term_taxonomy_id":1600,"taxonomy":"resource_categories","description":"","parent":1599,"count":0,"filter":"raw"},{"term_id":1598,"name":"Branded Calling","slug":"branded-calling","term_group":0,"term_taxonomy_id":1598,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":498,"name":"Build","slug":"build-phase","term_group":0,"term_taxonomy_id":498,"taxonomy":"resource_categories","description":"","parent":507,"count":7,"filter":"raw"},{"term_id":1590,"name":"Company name","slug":"company-name","term_group":0,"term_taxonomy_id":1590,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":499,"name":"Concept","slug":"concept-phase","term_group":0,"term_taxonomy_id":499,"taxonomy":"resource_categories","description":"","parent":507,"count":4,"filter":"raw"},{"term_id":1584,"name":"Coordinated Vulnerability Disclosure","slug":"coordinated-vulnerability-disclosure","term_group":0,"term_taxonomy_id":1584,"taxonomy":"resource_categories","description":"","parent":1576,"count":1,"filter":"raw"},{"term_id":1597,"name":"Customer Education and Awareness Campaigns","slug":"customer-education-and-awareness-campaigns","term_group":0,"term_taxonomy_id":1597,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":200,"name":"cvd","slug":"cvd","term_group":0,"term_taxonomy_id":200,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":177,"name":"CVD Programme","slug":"cvd-programme","term_group":0,"term_taxonomy_id":177,"taxonomy":"resource_categories","description":"","parent":0,"count":3,"filter":"raw"},{"term_id":500,"name":"Decommissioning","slug":"decommissioning-phase","term_group":0,"term_taxonomy_id":500,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":501,"name":"Delivery","slug":"delivery-phase","term_group":0,"term_taxonomy_id":501,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":502,"name":"Deployment","slug":"deployment-phase","term_group":0,"term_taxonomy_id":502,"taxonomy":"resource_categories","description":"","parent":507,"count":8,"filter":"raw"},{"term_id":503,"name":"Design and Development","slug":"design-and-development-phase","term_group":0,"term_taxonomy_id":503,"taxonomy":"resource_categories","description":"","parent":507,"count":9,"filter":"raw"},{"term_id":1556,"name":"M360 APAC","slug":"m360-apac","term_group":0,"term_taxonomy_id":1556,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1557,"name":"M360 APAC","slug":"m360-apac-publications","term_group":0,"term_taxonomy_id":1557,"taxonomy":"resource_categories","description":"","parent":1517,"count":0,"filter":"raw"},{"term_id":1518,"name":"m360 Latam 2024","slug":"m360-latam-2024","term_group":0,"term_taxonomy_id":1518,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1509,"name":"M360 UK 2023","slug":"m360-uk-2023","term_group":0,"term_taxonomy_id":1509,"taxonomy":"resource_categories","description":"","parent":0,"count":6,"filter":"raw"},{"term_id":1582,"name":"Mobile Cybersecurity Knowledge Base","slug":"mobile-cybersecurity-knowledge-base","term_group":0,"term_taxonomy_id":1582,"taxonomy":"resource_categories","description":"","parent":1576,"count":45,"filter":"raw"},{"term_id":1503,"name":"MWC22 Barcelona","slug":"mwc22-barcelona","term_group":0,"term_taxonomy_id":1503,"taxonomy":"resource_categories","description":"","parent":0,"count":6,"filter":"raw"},{"term_id":1508,"name":"MWC23 Barcelona","slug":"mwc23-barcelona","term_group":0,"term_taxonomy_id":1508,"taxonomy":"resource_categories","description":"","parent":0,"count":2,"filter":"raw"},{"term_id":1511,"name":"MWC23 Las Vegas","slug":"mwc23-las-vegas","term_group":0,"term_taxonomy_id":1511,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1516,"name":"MWC24 Barcelona","slug":"mwc24-barcelona","term_group":0,"term_taxonomy_id":1516,"taxonomy":"resource_categories","description":"","parent":0,"count":3,"filter":"raw"},{"term_id":1575,"name":"MWC25 Barcelona","slug":"mwc25-barcelona","term_group":0,"term_taxonomy_id":1575,"taxonomy":"resource_categories","description":"","parent":0,"count":2,"filter":"raw"},{"term_id":322,"name":"NESAS","slug":"nesas","term_group":0,"term_taxonomy_id":322,"taxonomy":"resource_categories","description":"","parent":0,"count":5,"filter":"raw"},{"term_id":504,"name":"Operational","slug":"operational-phase","term_group":0,"term_taxonomy_id":504,"taxonomy":"resource_categories","description":"","parent":507,"count":23,"filter":"raw"},{"term_id":1578,"name":"Post quantum use case library","slug":"post-quantum-use-case-library","term_group":0,"term_taxonomy_id":1578,"taxonomy":"resource_categories","description":"","parent":1522,"count":6,"filter":"raw"},{"term_id":1522,"name":"Post-quantum","slug":"post-quantum","term_group":0,"term_taxonomy_id":1522,"taxonomy":"resource_categories","description":"","parent":0,"count":15,"filter":"raw"},{"term_id":1581,"name":"Post-Quantum Cryptography","slug":"post-quantum-cryptography","term_group":0,"term_taxonomy_id":1581,"taxonomy":"resource_categories","description":"","parent":1576,"count":11,"filter":"raw"},{"term_id":505,"name":"Procurement","slug":"procurement-phase","term_group":0,"term_taxonomy_id":505,"taxonomy":"resource_categories","description":"","parent":507,"count":3,"filter":"raw"},{"term_id":1517,"name":"Publications","slug":"publications","term_group":0,"term_taxonomy_id":1517,"taxonomy":"resource_categories","description":"","parent":0,"count":46,"filter":"raw"},{"term_id":1599,"name":"Region","slug":"region","term_group":0,"term_taxonomy_id":1599,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":368,"name":"SAS","slug":"sas","term_group":0,"term_taxonomy_id":368,"taxonomy":"resource_categories","description":"","parent":0,"count":1,"filter":"raw"},{"term_id":1593,"name":"Scam Call Detection and Blocking","slug":"scam-call-detection-and-blocking","term_group":0,"term_taxonomy_id":1593,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1580,"name":"Securing the 5G era","slug":"securing-the-5g-era","term_group":0,"term_taxonomy_id":1580,"taxonomy":"resource_categories","description":"","parent":1576,"count":5,"filter":"raw"},{"term_id":1595,"name":"SIM Swap Fraud Prevention","slug":"sim-swap-fraud-prevention","term_group":0,"term_taxonomy_id":1595,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1594,"name":"SMS Phishing (Smishing) Detection","slug":"sms-phishing-smishing-detection","term_group":0,"term_taxonomy_id":1594,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1596,"name":"Subscription Fraud Prevention","slug":"subscription-fraud-prevention","term_group":0,"term_taxonomy_id":1596,"taxonomy":"resource_categories","description":"","parent":1592,"count":0,"filter":"raw"},{"term_id":1563,"name":"Supply Chain Publications","slug":"supply-chain-publications","term_group":0,"term_taxonomy_id":1563,"taxonomy":"resource_categories","description":"","parent":1517,"count":1,"filter":"raw"},{"term_id":1585,"name":"Supply Chain Toolbox","slug":"supply-chain-toolbox","term_group":0,"term_taxonomy_id":1585,"taxonomy":"resource_categories","description":"","parent":1576,"count":8,"filter":"raw"},{"term_id":1583,"name":"T-ISAC","slug":"t-isac","term_group":0,"term_taxonomy_id":1583,"taxonomy":"resource_categories","description":"","parent":1576,"count":0,"filter":"raw"},{"term_id":1579,"name":"T-Isac Blog","slug":"t-isac-blog","term_group":0,"term_taxonomy_id":1579,"taxonomy":"resource_categories","description":"","parent":1501,"count":0,"filter":"raw"},{"term_id":1501,"name":"T-ISAC Resources","slug":"t-isac-resources","term_group":0,"term_taxonomy_id":1501,"taxonomy":"resource_categories","description":"","parent":0,"count":5,"filter":"raw"},{"term_id":1576,"name":"Technical Guidelines","slug":"technical-guidelines","term_group":0,"term_taxonomy_id":1576,"taxonomy":"resource_categories","description":"","parent":0,"count":52,"filter":"raw"},{"term_id":1592,"name":"Theme","slug":"theme","term_group":0,"term_taxonomy_id":1592,"taxonomy":"resource_categories","description":"","parent":1589,"count":0,"filter":"raw"},{"term_id":507,"name":"Topic","slug":"topic","term_group":0,"term_taxonomy_id":507,"taxonomy":"resource_categories","description":"","parent":0,"count":0,"filter":"raw"},{"term_id":1589,"name":"Use case","slug":"use-case","term_group":0,"term_taxonomy_id":1589,"taxonomy":"resource_categories","description":"","parent":0,"count":0,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources\/7861","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources"}],"about":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/types\/gsma_theme_resources"}],"author":[{"embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/users\/6"}],"version-history":[{"count":0,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/gsma_theme_resources\/7861\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/media?parent=7861"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/tags?post=7861"},{"taxonomy":"resource_categories","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/resource_categories?post=7861"},{"taxonomy":"algolia_discover_type","embeddable":true,"href":"https:\/\/www.gsma.com\/solutions-and-impact\/technologies\/security\/wp-json\/wp\/v2\/algolia_discover_type?post=7861"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}