There is however, still a lack of mature business models in dealing with the advent of IoT, and industry standards have yet to be fully developed. The landscape for network and information security is becoming increasingly challenging – needless to say.
In this digital age, we find more and more products requiring/using an Internet connection. Almost every aspect of our lives is progressively being integrated into the Internet of Things (IoT) sphere.
In this space, our client is a leading solutions provider in the global video surveillance industry and has ranked among the top in said market since 2014 according to an IHS report. With around 13,000 employees situated all over the world, our client's solutions, products and services are adopted in over 180 countries and regions. It also has 35 subsidiaries globally, covering: Asia, Americas, Europe, Middle East, Oceania, and Africa.
As a multi-national video surveillance solutions company, with a product line of network cameras and NVRs, it was keen to demonstrate to the market and their customers that they take the protection of customer personal data very seriously, and in accordance with statutory data protection regulations like GDPR.
TÜV Rheinland proposed the IoT Product privacy certification (Phase 1 – awarded in 2018). Comprehensive product testing services were conducted based on internet 2PfG standards, as a part of the certification. The NVR, IP camera was tested and found to have passed, and was subsequently given the IoT Privacy Certificate.
For Phase 2, TÜV Rheinland offered to perform a gap assessment against the GDPR requirements for their cloud services based platform, providing a detailed Prioritized GDPR compliance implementation roadmap.
How TÜV Rheinland added value + plus points
Client is able to demonstrate to their customers and clients that their products address IoT privacy fundamentals, meet the privacy requirements, and they are transparent about how their personal data is used.
Our work with them also allows them to review their designs and implement new and improved ways of managing customer data throughout its existence.
*Anonymity of client is intentional