EMQ Secures Top Automotive Security Credential with TISAX Certification
Morgan Hill, CA, March 25, 2024 – EMQ, developer of the world’s leading open-source MQTT messaging platform, EMQX, recently announced it has successfully achieved the TISAX®(Trusted Information Security Assessment Exchange) certification, meeting the Assessment Level 2 for Information with High Protection Needs. TISAX® assessment serves as a vital information security benchmark within the German and North American automotive supply chains, affirming that EMQ meets the highest global standards in the automotive industry for offering safe and reliable IoV data communication services to automotive OEM customers regionally and worldwide.
TISAX® acts as a testing and exchange mechanism for enterprise information security. Jointly developed in 2017 by the VDA (German Association of the Automotive Industry) and ENX (European Network Exchange), TISAX® functions as an information security and exchange platform specifically for the automotive industry. By adhering to the VDA's information security assessment criteria set in 2017, TISAX® aims to encourage suppliers in the automotive industry including parts manufacturers and service providers to fulfill varying information security requirements laid out by relevant stakeholders, especially automakers. This ensures broad recognition exchange, and trust in TISAX®'s assessment outcomes, significantly reducing the costs associated with repeated inspections by automakers.
The automotive industry is currently undergoing rapid development in digitization and globalization, facing increasing internal and external information security risks. TISAX® addresses these challenges by ensuring the secure processing of information from business partners, protecting prototypes, and complying with the General Data Protection Regulation (GDPR) for potential business engagements between automobile manufacturers and their suppliers. Notably, several globally renowned automotive brands, including Porsche, BMW, Volkswagen, Audi, Mercedes-Benz, Bentley, and Ford, have mandated VDA-TISAX as the standard auditing criterion for supplier admission.
The TISAX® assessment of EMQ was carried out by SGS (Société Générale de Surveillance), a globally recognized TISAX® assessment provider. The assessment process covered areas such as information collection, storage, processing, work equipment, and IT systems. Through a rigorous audit, EMQ demonstrated a high capability for managing information with elevated protection needs, fully meeting 41 control objectives and nearly 400 specific requirements across information security, prototype protection, and data protection modules. This accomplishment not only aligns with the highest information security standards in the European and North American automotive industries but also secures authoritative recognition from automotive sectors in these regions.
With this TISAX® certification, EMQ ensures its customers of the highest standard in data handling and processing. Understanding the importance of managing personal data, EMQ approaches this responsibility with utmost seriousness across all customer interactions. Beyond adhering to stringent industry security standards, EMQ is committed to delivering top-notch IoV data connectivity services. Its flagship MQTT platform, EMQX, enables automotive companies to quickly deploy secure and efficient connected vehicle communication protocols using MQTT over QUIC technology, enhancing in-vehicle connection stability, reducing latency, and improving reliability and security in mobile scenarios. EMQ’s diverse solutions support a wide range of applications, including connected vehicles, autonomous driving, and smart mobility, providing comprehensive support for innovation among automotive companies and their suppliers.
We are immensely proud to receive the TISAX® certification," stated Dylan Kennedy, CEO of EMQ. "This achievement reflects our relentless commitment to quality and security in every aspect of our operations. TISAX® compliance is a testament to our dedication to safeguarding data handling and processing standards.”
“Our strategic goal is to broaden our global footprint, leveraging our cutting-edge IoT connectivity technology and premier security management practices,” Kennedy added. “At EMQ we are focused on delivering security solutions that meet the strictest standards, ensuring adherence to global regulations and protecting data privacy. Our continuous innovation sets the benchmark for security and efficiency in the global automotive industry, offering unparalleled value to our customers.”
Furthermore, EMQ has obtained several information security-related certifications, such as SOC2 Type I, SOC1 Type II, ISO 20000, ISO 27001, and ISO 27701.Attaining TISAX® certification signifies a major milestone in safeguarding user data and establishing a robust security framework to the highest standards.
Looking ahead, EMQ will persist in upholding the utmost information security standards for its products and services, ensuring the protection of customer data in the cloud.
For additional information on EMQ’s compliance initiatives, please visit Security & Trust Center.
About TISAX
TISAX (Trusted Information Security Assessment Exchange) is a standardized framework for conducting information security assessments and facilitating information exchange, designed to ensure the security of data within supply chains. Spearheaded by the German Association of the Automotive Industry (VDA), TISAX has achieved broad acceptance across the global automotive sector. TISAX certification allows companies to demonstrate adherence to industry data security and information exchange standards, enhancing trust among partners and customers. While it is a benchmark in the automotive industry, TISAX is also extensively adopted in other sectors for information security assessments.