Policy on Internet of Things security