Cloud Security

Tuya Case Studies Praised by Global Cybersecurity Leaders in White Paper

Tuya Case Studies Praised by Global Cybersecurity Leaders in White Paper
Written by ga_dahmani
Tuya Case Studies Praised by Global Cybersecurity Leaders in White Paper

SAN FRANCISCO, July 12, 2022 /PRNewswire/ — Tuya Smart (“Your” or “tthe Company”) (NYSE: YOURS), a leading provider of IoT development platform services, was named today as an exemplar of cybersecurity best practices in the 2022 Global IoT Security Whitepaper.

The White Paper applauds yours smart for his holistic approach to cybersecurity leadership; specifically to acquire international third-party security certifications, establish the Tuya security team, create independent and secure data storage centers, and develop in-house innovative security products – a security operations platform solution designed to help developers eliminate security risks, Sage Yoursand the first IoT module of its kind with an embedded secure element (SE) and Common Criteria (CC) EAL6+, WBR3N certificate.

The 2022 IoT Global Security Whitepaper was jointly prepared by the Research Center for International Cyber ​​Governance (“RCCGG”) and the global standard for IoT security, the ioXt Alliance. The White Paper was written with input from Chinese-American cybersecurity and technology scholars at the Stimson Center, Albright Stonebridge Group, Stanford University Cyber ​​Policy Center, Yale Law School, MIT Computer Science and Artificial Intelligence Center, and more. It is the first prominent white paper focusing on global IoT cybersecurity and include case studies and best practices from global IoT leaders and 12 suggested initiatives to strengthen global IoT security.

Expert InfoSec in-house team, numerous third-party certifications

The White Paper states that companies should focus on improving cybersecurity, assemblingin grams safety equipment, improvisationin grams information security systems, forceening corporate compliance capability and eliminatejingle Security risks of the IoT system through the improvement of management models, processes, tools and platforms.

The White Paper research group praised yours smart for building an in-house security team and for partnering with leading international third-party institutions. The company’s in-house information security team protects your data from cradle to grave, safeguarding the software development lifecycle (SDLC). The information security team creates security classification standards for smart hardware devices, compiles security test cases to ensure technology defense, and protects the company’s software code during development.

Cooperating with leading international third-party institutions in security assessment and certification is a best practice in the global IoT industry. yours smart has met or exceeded most global information security standards. This includes an endorsement from the renowned international organization, Information Security Organization (“ISO”) certification from SGS, BSI’s ISO27001 standard for information security system, ISO27017 standard for management system Cloud Security Certification, the ISO27701 Standard for Cloud Platform Privacy and Security, and the Connectivity Standards Alliance (“CSA”) STAR Cloud Security Certification. The company has received the Enterprise Privacy Certificate (EPC) from TrustArc and regularly partners with Rapid7, wizlynx group, ScienceSoft, Chaitin Tech, DAS-Security and UnderDefense to test Tuya’s information security capabilities with professional penetration tests. .

IoT companies can ensure that their products meet critical international security standards by submitting the appropriate certificates. When it comes to product safety standards, yours smart has passed the EN 303645 and NIST IR 8259A certifications from TÜV SÜD. In 2021, Tuya announced a partnership with the ioXt Alliance to improve security for hardware developers and launched a certified component program.

“ioXt Alliance is delighted to cooperate with Tuya to increase the adoption of IoT security. With a global IoT leader like Tuya including the ioXt Certified Components Program on its platform, Tuya and ioXt can make devices more connected and smarter,” he said. craig miller, Director of Intellectual Property of ioXt. “With the guarantee of the ioXt security certificate, members and customers of the Tuya ecosystem can enjoy the highest level of IoT security and services,” concluded Miller.

Secure and independent data centers

The White Paper highlighted Tuya’s security and quality assurance in global data centers. Tuya owns six data centers that provide speed and stability to customers around the world. Each data center operates independently. Regarding regional compliance, yours smart has passed Ernst & Young’s SOC 2 audit, as well as TrustArc’s regional GDPR and CCPA compliance validation.

While Tuya does not directly engage with consumers or store final consumer data, one of its core missions is to protect business customer data and provide secure systems for storing user data. Tuya has strict internal regulations, a clear access control strategy and a robust technological architecture.

Initiatives to safeguard the global IoT industry

To speed up the construction of IoT security systems and improve the governance level of IoT security, the White Paper proposes 12 relevant measures to enhance public trust, promote governance efficiency, foster innovation of IoT companies and deepen the development of the global digital economy with the Internet of Things. Some of the key measures highlighted in the White Paper are as follows:

With isolated and fragmented IoT ecosystems, countries and transnational IoT companies must embrace global cooperation, build mutual trust across the cybersecurity sector, and work to remove obstacles that stifle mutual trust.

Building a safe, secure, and robust IoT green system is crucial to its long-term growth and sustainability. Relevant parties should take full advantage of the role of third-party testing and certification institutions, prioritize providers with cybersecurity protection capabilities, and form a zero-trust security model.within elevate security protection capability and provide users with security commitments in products and services.

Weak consumer awareness coupled with vulnerabilities in connected consumer devices poses a major threat to the industry. according to a december 2020 In a study of corporate IoT devices from Zscaler, a leader in cloud security, 76% of devices surveyed were still communicating over unencrypted plaintext channels. Companies and organizations in the IoT industry must increase cybersecurity awareness through public awareness campaigns and training, so that users can fully understand cybersecurity risk and operate IoT devices safely and responsibly. Through cooperation at all levels and with the leadership of IoT companies, the industry can advance the effective protection of personal privacy and data security.

About the author


Leave a Comment