The Internet of Things (IoT) is growing rapidly, and everyday objects are more and more connected to the Internet and to other devices. It is increasingly difficult for consumers to judge which devices and services have which security features.
The IT Security Act 2.0 has assigned the German Federal Office for Information Security (BSI) with the task of introducing a voluntary IT Security Label. This creates transparency for consumers: It is a label that makes basic security features of digital products instantly recognisable.
For the first two product categories “broadband routers” and “email services”, manufacturers can now apply to the BSI for the IT Security Label. In this way, they ensure that the product meets the requirements specified by the BSI.
Motivation to close security vulnerabilities
Markus Schaffrin, Security Expert and Head of Member Services at the eco Association, welcomes this initiative: “The label gives consumers the assurance that their products have certain security features. This motivates manufacturers to close security vulnerabilities in everyday digital devices quickly and reliably. Because people’s trust is fundamental to successful digital transformation.”
On the German-language application page the BSI provides all the information on what is required for a successful application. In particular, the applicant must provide an assurance that they have verified and meet the underlying requirements for their product or service. If the evidence is plausible, the licence will be issued. Once all of the required documents have been submitted, the application process must be completed by the BSI within six weeks.