SecurePIM supports the implementation of TISAX® certification on mobile devices


What is TISAX®?

TISAX® (Trusted Information Security Assessment Exchange) is a standard for information security defined by the automotive industry and is playing an increasingly important role in this sector. One of the main reasons is that automotive manufacturers carry out a large part of their product development with partners and suppliers. Security throughout the entire value and supply chain must therefore be guaranteed by appropriate TISAX® certification.

With TISAX®, the automotive industry is the first industry in the world to offer an assessment based on a standardized questionnaire and to mutually recognize the assessment results. A large number of automotive manufacturers and suppliers are therefore increasingly demanding existing TISAX® certification from their business partners.

Why is TISAX® certification relevant for mobile devices?

Implementing the TISAX® guidelines is not always trivial, as they affect both processes and the company’s IT infrastructure. Because a lot of TISAX®-relevant and sometimes confidential information has to be shared, a reliable communication solution for employees is required. Mobile devices in particular have become a central part of everyday working life and should be subject to special protection. Concepts such as Bring-Your-Own-Device (BYOD) and Corporate-Owned-Private-Enabled (COPE), where employees use their smartphones or tablets for both business and private purposes, must also be covered. And in order to comply with all GDPR regulations, the two areas must be kept separate.

How SecurePIM supports TISAX® certification

SecurePIM is the ideal solution for the secure handling of TISAX®-relevant data on mobile devices. The three most important features are:

Strict separation

The solution reliably shields the data from the rest of the system so that neither the device manufacturers nor other apps have access to it. SecurePIM can therefore also be used without hesitation for BYOD and COPE scenarios, for example without synchronizing company contacts with third-party providers. SecurePIM thus complies with TISAX® Controls 8.3, 12.3 and 13.4.

Local encryption

The data on the device is encrypted locally, and users can access the TISAX® data it contains using a password, PIN, fingerprint or facial recognition. The hybrid encryption, which combines the asymmetric RSA method with keys of up to 4096 bits and symmetric AES-256, is particularly secure. It complies with TISAX® Controls 8.3 and 10.1.

Transport encryption

Communication in the company network is provided via the SecurePIM Gateway. The connection to the gateway and the mail server is always TLS-encrypted. For particularly high security requirements, it is also possible to sign and encrypt emails via S/MIME. Transport encryption complies with TISAX® Controls 10.1 and 13.4 for iOS devices.

Information on the individual controls can be found on the website of the German Association of the Automotive Industry.

TISAX® is a registered trademark of the ENX Association.