<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview [1]
[{$pagename}] is a [Information security] [policy] for design where the system is designed from the ground up to be secure. 

[Malicious] [attacks] are taken for granted and design care is taken to minimize impact when a [vulnerability] or invalid user input is encountered.

[{$pagename}] generally implies that everything works with the [least amount of privileges possible|principle of least privilege]. 

For example a Web server that runs as the administrative user (root or admin) can have the privilege to remove files and users that do not belong to itself. Thus, a flaw in that program could put the entire system at risk. On the other hand, a Web server that runs inside an isolated environment and only has the privileges for required network and filesystem functions, cannot compromise the system it runs on unless the security around it is in itself also flawed.

!! Department for Digital, Culture, Media and Sport[2]
The [United Kingdom]'s Department for Digital, Culture, Media and Sport, publishes a Code of Practice to support all parties involved in the development, manufacturing and retail of consumer [IoT] with a set of guidelines to ensure that products are [{$pagename}] and to make it easier for people to stay secure in a digital world.

The Code of Practice brings together, in thirteen outcome-focused guidelines, what is widely considered good practice in IoT security. It has been developed by the Department for Digital, Culture, Media and Sport (DCMS), in conjunction with the National Cyber Security Centre (NCSC), and follows engagement with industry, consumer associations and academia. The Code was first published in draft in March 2018 as part of the [{$pagename}] report.!! Category
%%category [Information security]%%!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Secure_by_design|Wikipedia:Secure_by_design|target='_blank'] - based on information obtained 2018-10-21- 
* [#2] - [Code of Practice for consumer IoT security|https://www.gov.uk/government/publications/secure-by-design/code-of-practice-for-consumer-iot-security|target='_blank'] - based on information obtained 2018-10-21
</pre>