California Law Demands More Security From Connected Devices -- Security Today

California Law Demands More Security From Connected Devices

California is looking to make the Internet of Things more secure.

By Sydny Shepard
Oct 02, 2018

California is demanding greater security from connected devices and the Internet of Things. Gov. Jerry Brown has signed Assembly and Senate bills that require hardware makers to include "reasonable" security measures for connected devices. All gadgets will require at least some kind of protection against unauthorized data access.

If a device connects to the internet, it will have to require either a preset password, "unique to each device manufactured," or else the ability to generate a new authentication method (like a custom password) on initial setup. This will help strengthen cameras that were vulnerable to attack because they all used the same default password.

The laws are set to take effect on January 1, 2020, giving tech companies plenty of time to build the features into their products. The companies, however, are still hesitant about complying.

The California Manufacturers and Technology Association (which includes companies like AT&T, Intel and Honeywell) told Government Technology that the state was imposing "undefined rules" and had allegedly created a "loophole" that let imported devices avoid the rules. The Entertainment Software Association, meanwhile, claimed that existing laws already covered reasonable privacy protection.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

Survey: Nearly Half of Employees Hide Workplace AI Use

Laserfiche, a SaaS provider of intelligent content management and business process automation, recently released new survey findings on AI adoption in the workplace, revealing that nearly half of Americans (49%) who use AI at work keep it to themselves, with 15% deliberately avoiding telling their manager. Read Now
- Artificial Intelligence
- Cybersecurity
46% of Enterprise Passwords Are Vulnerable to Cracking

Picus Security recently released The Blue Report™ 2025, based on more than 160 million real-world attack simulations. Now in its third year, the report provides a data-driven assessment of how well security controls perform against today’s threats — and this year’s findings are the most concerning to date. Read Now
- Cybersecurity
Community-Led Video Security Network Transforms Pennsylvania City Public Safety

A community-supported video security initiative has transformed public safety in Lancaster, Pennsylvania. The citizen-led collaboration demonstrates how open platform video technology can help revitalize struggling urban areas. Read Now
- Government
Browser-Based AI Agents: The Silent Security Threat Unfolding

Some of the most revolutionary advances in artificial intelligence include browser-based AI agents, which are self-sustaining software tools integrated into web browsers that act on behalf of individuals. Read Now
- Cybersecurity
Report: Cybercriminals Abandon Tech Tricks for Personalized Email Deception Tactics

VIPRE Security Group, a cybersecurity, privacy, and data protection company, has released its email threat landscape report for Q2 2025. Through an examination of worldwide real-world data, this report sounds the alarm on the most significant email security trends observed in the second quarter of 2025, enabling organizations to develop effective email security defenses for the remainder of the year. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Survey: Nearly Half of Employees Hide Workplace AI Use

LifeSafety Power Announces New Power Integration with ProdataKey

PureTech Systems, Clear Align Partner to Deliver Advanced Autonomous Security, Command-and-Control for U.S. Air Force Tactical Security System

Securitas and AlertMedia Offer Emergency Response Solutions

Survey: Walking Alone at Night is the Greatest Safety Fear of Women Nationwide

Webinars

Whitepapers

New Products

PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.
AC Nio

Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.
Connect ONE®

Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.