Is your app OWASP, GDPR, or NIAP compliant?

General Data Protection Regulation (GDPR)

In July of this year, British Airways was fined $228 million and Marriott International was fined $124 million for violating the General Data Protection Regulation (GDPR). Both fines were far less than the maximum allowed.

GDPR aims to harmonize data privacy laws across Europe, protect and empower EU citizens’ data privacy, and reshape the way organizations approach data privacy. Penalties for GDPR infractions are stiff: fines up to €20 million or up to 4% of the annual worldwide turnover, whichever is greater. Clearly, non-compliance can be costly.

Kryptowire can help your organization determine if your mobile app is GDPR compliant, as well as provide evidence of compliance. Contact us, and we’ll walk you through just how we can help.

To learn more about GDPR:

Official EU Commission GDPR website

Resource to educate organizations about the main elements of GDPR and help them become GDPR compliant

[Image: table illustrating general GDPR solutions by Kryptowire]

National Information Assurance Partnership (NIAP)

NIAP is a program run by the National Security Agency (NSA) in the United States that produces Protection Profiles (PP) for different hardware and software systems. Kryptowire provides a direct mapping to the NIAP PP for Application Software, which is concerned with compliance of mobile applications. This regulation is accepted under Common Criteria (CC) and used by the Department of Defense, the Department of Homeland Security, and even civilian agencies in the United States. Kryptowire’s international government customers have also begun to embrace this requirement as the de facto standard for mobile application security in any government worldwide.


Open Web Application Security Project (OWASP)

OWASP is a community-based organization that publishes guidelines for building secure applications. The OWASP Mobile Top 10 is a project that captures the top ten risks in mobile applications. Kryptowire provides a report that covers each of the Mobile Top 10 to ensure your applications are not exposed to the major risks in the industry.


The EU General Data Protection Regulation (GDPR) is in effect as of May 25, 2018. Are your mobile apps GDPR compliant?