Eurofins Digital Testing's Cyber Security division has launched a General Data Protection Regulation (GDPR) testing service to assess data protection capabilities and ensure consumer electronics (CE) devices and their associated businesses and processes are conforming to the GDPR.
GDPR is the legal framework for personal data protection and privacy for all individuals within the European Union and applies to any company involved with the movement, processing or storage of personal data related to EU citizens, regardless where the company is located. Eurofins' GDPR testing service runs test data assessments to help worldwide companies meet the new security and privacy requirements and avoid substantial fines and penalties that can be imposed for non-compliance.
"With GDPR now in place, it is critical that companies adhere to the stringent data protection framework by running checks with test data to confirm compliancy," said Johan Craeybeckx, business line director, Eurofins Digital Testing International. "Eurofins is proud to offer this new program to help our customers test their overall level and/or device readiness to comply with the GDPR to ensure protection and privacy for how consumers' personal data is used and managed."
Eurofins' GDPR conformance testing program can be customised for individual requirements. The core elements tested include:
- Testing communication to and from devices
- Testing vulnerability of products
- Conformance to country-specific security requirements
- Analysis of product firmware to see whether it is possible to extract sensitive data
Additional services available include:
- Remote host assessments and penetration testing
- Local host assessments
- Mobile app testing (iOS and Android)
- Code review, with a focus on embedded software
- Checks according to Application Security Verification Standard and/or OWASP Top 10
- Hardware and embedded system testing from documentation review to coding errors and security loopholes