The California State Legislature recently passed a bill called “Information Privacy: Connected Devices” that creates regulations for IoT devices sold in the United States. SB-327, which applies to all devices that connect to the Internet and include an Internet Protocol or Bluetooth address, would require that security audits be conducted on components purchased overseas. The bill is the first of its kind in the U.S. and has been forwarded to Governor Jerry Brown for his signature. While some have criticized the bill for not being specific or thorough enough, it could place pressure on manufacturers to offer better device-level protection against cyberattacks. Continue reading California Passes Security Bill to Regulate Connected Devices

In a recently published Infrastructure Security Design Overview, Google explains its six layers of security for the cloud it uses for its own operations and its public cloud services. The company also revealed that it designs custom chips, “including a hardware security chip that is currently being deployed on both servers and peripherals,” that allow it to “securely identify and authenticate legitimate Google devices at the hardware level.” The chip works with cryptographic signatures validated during each boot or update. Continue reading Newly Published Google Overview Spells Out Security Details