Conforming to the most rigorous standards of information security, NavVis now carries a TISAX label as a trusted service provider to the automotive industry.
NavVis is pleased to announce that it has been awarded a TISAX label as a service provider to the automotive industry. As of April 2021, the company is rated TISAX assessment level 3 for information security, data protection and connection of third parties.
“Information security is a core pillar for our business,” says NavVis CEO and co-founder Felix Reinshagen. “Our customers provide us with their critical and confidential data and they trust us to handle it in a way that’s professional and secure.”
“Equally important is the protection of our company’s own critical data, information and intangible assets to avert negative consequences from data leaks,” he continues. “Information security is a collective responsibility at NavVis – we all follow our information security rules and policies on a daily basis.”
NavVis fully recognizes the importance of an information security protocol that’s robust, standardized and transparent to the automotive industry. In this post, we go into a bit of detail about why it’s necessary and what a TISAX label represents.
What is information security, and why is it so important in the automotive industry?
Going right back to the fundamentals, information security is about protecting your organization and your partners against the unauthorized use of sensitive information, e.g., company performance, business outlook, intellectual property, product and solution roadmaps, pricing, or organizational structure.
Specific to the automotive industry, this sector might require a set of information security protocols in order to exchange design data in development processes with third-party suppliers, for example, or to underpin the security required for their manufacturing processes to function. It’s also relevant to the automated data exchange between networked production systems and contributes to production availability and reliability.
The role of information security even extends to the vehicles we drive. That car parked in your garage is much more than just an engine, chassis and four wheels. Today, it represents a sophisticated fusion of software and hardware with online connectivity; it’s probably logging long-term metrics about your driving habits that feed into future car designs. In those terms, it also requires protection against unauthorized access.
For these reasons and more, service providers and suppliers to the automotive industry are required to prove to their customers – at regular intervals – that they’re complying with a set of standardized and specific regulations concerning information security.
What is TISAX?
Ready for some acronyms? The Trusted Information Security Assessment Exchange (TISAX) is a standard assessment and exchange mechanism for the automotive industry.
Based on the Information Security Assessment (ISA) developed by the German Association of the Automotive Industry (VDA), the label is widely adopted as an inter-company test and exchange mechanism.
Pulling all that together, TISAX has been developed under the guidance of the VDA to ensure a level of information security that’s uniformly consistent. The benefits of a TISAX label are that it brings standardization, quality assurance and mutual recognition of audits between companies.
Moreover, TISAX delivers a framework for information security assessments by audit providers in accordance with VDA standards; it helps to avoid conducting audits which fall short of the required standard.
“The process of evaluation for a TISAX label was not a light undertaking for NavVis, requiring many months of preparation and independent auditing, but the journey was entirely worth the effort,” said Stefan Sander, Global Head of Enterprise Professional Services at NavVis.
“I’m incredibly proud of what our internal InfoSec committee has been able to accomplish in such a short period of time, and our partners in the automotive industry can be rest assured that their data is in safe hands at NavVis.”
Click here to view the the results of our assessment on the TISAX portal.
All this, and ISO 27001 too
But wait, we have more good news to share. In addition to the TISAX label, NavVis has also been ISO 27001 certified since May 2021. ISO 27001 is the international standard for information security that sets out the specification for an information security management system (ISMS).
This best-practice approach guides organizations towards manage their information security by addressing three tiers: people, processes, and technology. An ISO 27001 certificate is recognized globally as proof that a company’s ISMS is in line with information security best practice.
With this accreditation plus TISAX, NavVis abides by some of the most stringent information security protocols and processes in the world. And we will continue to do so long into the future, for the benefit of all our customers, partners, and employees.
For more information on the TISAX label and ISO 27001 certification, or if you have any other questions about information security at NavVis, drop us a line and we'll be in touch shortly.