In March 2023, eufy Security enlisted the expertise of cybersecurity authority Ralph Echemendia, known as “The Ethical Hacker.” (see Ralph’s recent [Ted Talk on Privacy]
Over the past six months, Mr. Echemendia has collaborated closely with our product, software, legal, and operations teams to evaluate all aspects of our cybersecurity readiness, including threat detection, compliance, and response planning.
Ralph’s audit methodology encompassed two key areas: proactive and reactive security assessments (see graphic below):
● In the proactive domain, he reviewed Security Governance and Operations, assessing compliance with ISO-27001/27701 standards and ETSI-303645. Operations included Asset Management and Threat/Vulnerability Management, with a focus on penetration tests and vulnerability scanning. Asset protection through encryption was also evaluated.
● In the realm of Reactive Security, he assessed Identity and Access Management, Security Monitoring, and our overall Incident Response framework.
We are delighted to announce that on September 20, Mr. Echemendia delivered his final written assessment, confirming that eufy Security has successfully met all proactive and reactive security benchmarks. This accomplishment underscores our steadfast commitment to protecting our customers’ privacy and security.
We appreciate your trust in eufy Security and remain committed to upholding the highest cybersecurity standards.