As Europe’s largest developer and manufacturer of security systems, Ajax Systems is committed to mitigating cybersecurity risks. We reassure users that we incorporate the necessary security measures for product protection, while our partners and distributors can be certain that Ajax devices fully comply with the latest local regulations.
In line with these commitments, we are glad to confirm that Ajax devices are compliant with the Product Security and Telecommunications Infrastructure (PSTI) Regulations 2023. The new regime for consumer connectable product security comes into effect on April 29, 2024, in the UK, and we are ready for the changes. All Ajax products adhere to the requirements of Schedule 1 and the self-declaration system.
Some devices also meet the requirements of Schedule 2, namely:
Verify Ajax device’s compliance with the PSTI Regulations 2023 and other standards here.
How the PSTI Regulations 2023 affect businesses
If you are an Ajax partner or distributor, the new regime will not affect your business. The regulations introduce new cybersecurity standards and mandate compliance from manufacturers and importers to be able to run their business as usual. Yet, all Ajax product lines comply with the regulations and are ready for inspections if any. Also, the new standards might raise questions among clients. Ajax partners and distributors can easily address clients’ concerns and reassure them of the full compliance of all Ajax products with the latest regulations.
New security requirements to know
The PSTI Act 2022 and Regulations 2023 are a positive step towards user cybersecurity. The Regulations 2023 set out the specific requirements for manufacturers to comply with in relation to relevant connectable products:
- Passwords. Passwords must be unique per product, or a user should be able to define them. In Ajax devices, we do not use default passwords in order to eliminate a potential system weakness. For example, our cameras have passwordless authentication via mTLS, ensuring that they can be connected to one space only. Each cloud-endpoint interaction is authenticated through encrypted certificates. There are no passwords to be compromised.
- Vulnerability disclosure policy. The PSTI Regulations 2023 require manufacturers to make it possible to report vulnerabilities in a product and provide information about their elimination. Ajax Systems welcomes feedback about security or privacy vulnerabilities here and is committed to clear and transparent communication with the reporters of issues.
- Minimum security update periods. Information on minimum security update periods must be published. In Ajax Systems, updates of software and firmware are an integral part of product development and improvement. We release security and other updates for cameras, NVRs, hubs, and range extenders whenever necessary to introduce new features, improve system stability, or provide higher security and for at least two years of the warranty period.
All Ajax product lines are compliant
All Ajax product lines — Superior, Fibra, and Baseline — comply with the PSTI Regulation 2023. Also, they are mutually compatible, which opens up numerous possibilities for building systems of any configuration.
👉 Learn more about Superior product line
👉 Learn more about Fibra product line
Clients often assume that all connectable devices comply with security standards because, otherwise, they would not be for sale. This is not always the case. Ajax partners and distributors can leverage the fact that Ajax products are compliant with the PSTI Regulations 2023 and be sure that they offer reliable and credible solutions. Win trust with Ajax products.
For more information on the PSTI Regulations 2023, click here.