Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Germany: BSI introduces IT security label for mobile devices
On August 14, 2024, the Federal Office for Information Security (BSI) introduced a new IT security label for mobile devices. According to the BSI, if an IT device has a security label, consumers can see the manufacturer's promises of an appropriate level of IT security.
The BSI noted that mobile IT devices, such as smartphones and tablets, store and process a large amount of relevant and sometimes personal data, such as photos, videos, text messages, and contacts. An appropriate level of IT security for mobile devices is an essential component for protecting data and consumers.
How can organizations get the IT security label?
The BSI provides concrete guidelines and requirements for manufacturers who want to apply for the IT security label, including:
- the manufacturer must undertake to monitor vulnerabilities, communicate them transparently, and resolve them promptly;
- protection of device data through an appropriate rights system in which the user has control over relevant data, sensors, and interfaces, in particular:
- transparent display of granted rights; and
- always visible display when sensors such as microphone, camera, and location sensors are actively used; and
- pre-installed apps must communicate securely and not request unnecessary permissions, nor access the camera, microphone, and location sensors without the user's intention, even if they have the right to do so.
You can read the press release, only available in German, here.