New UK legislation comes into force on 29th of April 2024. The Product Security and Telecommunications Infrastructure (PSTI) regulations are long overdue and will enable buyers to make informed choices.
The aim is to protect UK businesses and citizens from cyber threats posed by poorly secured consumer IoT connectable products used in homes and the workplace, this includes Kyocera's A4 printers and MFPs.
PSTI covers consumer connectable products such as IoT or smart devices in the UK.
Weak passwords like ‘Admin 123’ that can be guessed or easily compromised are banned. Compliant products must have a unique password to be legally sold or made available as part of a service in the UK. This applies to both new and refurbished products placed on the market and devices made available as part of a solution or service, such as a Managed Print Service.
The regulations force manufacturers to take responsibility to maintain the products they sell by requiring them to publish a Vulnerability Disclosure Policy. Manufacturers will need to identify and flag any product security vulnerabilities and provide a mechanism for third parties to report identified risks.
The regulations require the minimum length of time that products will be supported with security updates to be published. This will help inform purchasing decisions.
All products made available to the market must be accompanied by a statement of compliance.
Ultimately PSTI will give customers confidence and help them make informed purchasing decisions. The regulations are a force for good and long overdue. Products are already highly regulated to ensure they do not cause physical harm from overheating, or electrical interference. Now connectable devices will need to protect consumers from cyber harm, including loss of privacy and personal data.
What’s in the box
Need to reset your device password, click here to talk to our support team.
Click here to report a vulnerability or a known security issue with a Kyocera PSTI compliant device.