TISAX: Data security at soft trim again certified TISAX: Data security at soft trim again certified
Without the exchange of data between the automotive industry and supplier such as soft trim seating sts GmbH, the development of modern seating systems would be unthinkable. Since highly sensitive product information is often exchanged here – often still in the very early stages of development – information security is becoming increasingly important.
To guarantee the secure exchange of information, the protection of prototypes and data security, soft trim is regularly audited according to the TISAX standard (Trusted Information Security Assessment Exchange) and its high level of information security is certified. Now this TISAX certificate has been reconfirmed.
“To be able to work with car manufacturers and OEMs at all, supplier companies like us have to meet certain standards. And since development is now almost exclusively digital, the secure handling of confidential data is a crucial point for a trusting cooperation. We are therefore pleased to have passed the TISAX audit once again,” says Kai Rudolph, commercial manager at soft trim.
In concrete terms, soft trim proved in the TISAX audit that it is futile for outsiders to try and get hold of confidential data. The security measures include, for example, two-factor authentication for employees, who only have individual access rights to software and data. In addition, sensitive data is not sent by e-mail – as is usual in business – but made available via specially protected data connections. The encrypted data is stored on special servers, which can only be accessed and decrypted by authorised persons. Security measures extend to the deletion of the data as well. Here, too, special applications and software are used to ensure that there is no longer any possibility of recovering the data.
The TISAX audit method, which was developed in 2017 by the German Automotive Industry Association (VDA) and the original equipment manufacturers in the automotive industry, has established itself as the industry standard for external suppliers and service providers as well as consultants and software developers. Independent institutes and inspection agencies use a comprehensive catalogue of questions and more than 50 controls to check exactly how securely industry-related, confidential data and internal information on prototypes, order processing and connections to other companies are processed and shared.