Collection

Cyber security in enterprise connected devices

This page details the government's work to improve the cyber security of enterprise connected devices (or 'IoT' devices.)

From:: Department for Science, Innovation and Technology
Published: 12 May 2025

“Enterprise connected devices” are network connected devices designed specifically for use by businesses and organisations. This includes office printers, office cameras, video conferencing systems, building entry systems and room booking systems.

These devices are used in the daily operation of thousands of organisations across the UK; however, the government is aware of significant concerns around their security. If compromised, a single enterprise connected device can potentially give hostile actors access to an entire organisation’s network. As well as presenting a threat to individual users and corporate networks, these devices can also represent a large-scale strategic risk to the overall digital environment.

The Department for Science, Innovation and Technology (DSIT) has been working to secure enterprise connected devices alongside the National Cyber Security Centre (NCSC).

The research collated on this page sets out some key findings, including:

Connected devices are commonplace within many organisations however, IT professionals have concerns about device security.
Vulnerabilities are regularly found in enterprise connected devices which could put many organisations at risk.
Organisations lack clarity on how to monitor and protect themselves from vulnerable connected devices.

More detail on the security risks are set out in the NCSC threat assessment on the organisational use of enterprise connected devices.

DSIT is developing policy to address these issues and will provide further updates in due course.

This work contributes to the government’s economic growth agenda and DSIT’s mission to ensure new and existing technologies are safely developed and deployed across Britain.