The IQS label has been designed with the vast majority of the requirements required in the European Union in mind. The vintage logic of the label ensures a evolutionary adaptation to the European regulatory constraints. That way, the IoT actor just need to subscribe to a single labeling program for all his/her marketing actions in Europe.
The IQS labeling program is a voluntary approach by an IoT actor wishing to have its cybersecurity effort recognized within its solutions.
The application of measures from the IQS Labeling Program's security requirements standard provides reasonable resistance to the most common attacks on connected solutions. The goal of the IQS label is to.o provide a first level of security that is realistic and takes into account the challenges of the IoT market. Through this support, we hope to advance the global security of the IoT market in an incremental way.
You can report the vulnerability directly to the actor in question. If you think that a patch should be published according to the constraints of the IQS standard or if you have difficulty making yourself heard by the actor, you can contact us directly.
The IQS label is not a guarantee of compliance with the GDPR for the labeled solution, although many safety requirements are required to facilitate compliance with the European regulation.
The most commonly used approach to verify the compliance of a solution with the security requirements of the standard is based on a technical monitoring logic. Depending on the specific contexts of the solution and the requirements to be controlled, interviews and document reviews can be conducted.
digital.security is positioned as the evaluation service of the IQS certification program. The Labeling Committee, made up of safety experts and IoT experts, compares the anonymized evaluation report with the standards to make its choice and makes the IQS award.