Official IT-Security Label in Germany
Recently the German Government passed the IT-Security Law 2.0. („IT-Sicherheitsgesetz 2.0“)
By this the German Federal Office for Information Security (BSI – Bundesamt für Sicherheit in der Informationstechnik) has the responsibility to introduce a voluntary IT-Security Label (IT-Sicherheitskennzeichen).
One goal of this IT-Security Label is to care for consumer protection and raise the security of IoT devices. Through this Label customers should have the possibility to inform them self about the vendor promised security features of connected devices and services.
It can be done so by entering the link or scanning the QR-Code on the label, that leads to a BSI-Website with product specific security information.
In Order to get the IT-Security Label for own products, it is necessary to fill out the complete application forms together with a Manufacturer’s declaration that confirms that the product or service meets the requirements of the corresponding BSI product category.
After a positive plausibility check of the documents through the BSI, the individual Product Label will be assigned for the Validity period.
Additionally an individual Product information web page will be generated and the permanent link to this web page is part of the assigned Label.
This label can than be attached to the outer Packaging of the product.
This IT-Security Label is for the Vendors voluntary.
According to the BSI
the IT-Security Label is able to:
- collect important facts to the security features of the device in an understandable way
- show, that the manufacturer of the device voluntary committed himself to fulfill the Requirements of the BSI
- promote, that more vendors are motivated to raise the security of their Products in order to use this label
- generate trust in products, services and vendors
- help customers with the Purchase decisions for IT products
the IT-Security Label however is not able to:
- guarantee that the IT-Product is absolutely secure
- guarantee that the vendor will fulfill all the standards also after the validity period of the Label
- be understood like a „test seal“, as the BSI does not Test the devices but determines the criteria where the vendor hast to be committed to
- guarantee that no new security risks will appear
The introduction of the IT-Sicherheitskennzeichen is planned for the End of this Year 2021.
Are you interested to get the German IT-Security Label for your own Products or Services?
Please contact us!
We are happy to assist you through all the Steps of the certification process!
More success for you and a more secure future for all!