i46

Asset 2

Full compliance with the Cyber Resilience Act.
Guaranteed.

i46 provides full and continuous compliance with the Cyber Resilience Act for IoT manufacturers and software developers.

Status Dashboard - i46 Beta Program

IoT devices put on the market after June 2024 will have to show compliance with the CRA !

i46 - Selected by:

Why is compliance with the Cyber Resilience Act hard to achieve?

The CRA introduces never-seen-before requirements

Gone are the days of shoddy security – secure-by-design is now the law of the (development) land . Patching up vulnerabilities after the fact won't cut it anymore – proactive threat mitigation, vulnerability assessments, and secure updates become the norm. But with limited resources and entrenched development models, adapting to this paradigm shift will be no mean feat.

CRA compliance must be continuously monitored

The CRA's grasp extends beyond initial compliance, demanding continuous monitoring throughout the device's lifespan. Newly discovered software vulnerabilities, can render your once-compliant device or software into a potential threat. But ensuring this perpetual state of cybersecurity is daunting. Resources stretch thin, and hidden flaws can lurk in the shadows.

Reaching compliance could be expensive

Internal resources, already stretched thin, may buckle under the burden of revamped processes, specialized expertise, and ongoing monitoring infrastructure. The CRA is a feast fit for security giants, not smaller innovator. Collaboration, innovative solutions, and a touch of regulatory support from i46 will be crucial to ensure CRA compliance doesn't become a luxury.

This is about to change

How will i46 help you achieve compliance ?

Initial assessment
πŸ•’1 day

Every journey begins with a single step.
With us, our path to CRA compliance starts with a swift and thorough Initial Assessment. This first phase, lasting just one working day, is entirely free of charge and designed to quickly determine if your product aligns with our certification capabilities.

Full Assessment
πŸ•’2 to 4 weeks

In Phase 2, we uncover the exact changes your product needs to undergo in order to become CRA compliant. Our experts conduct a comprehensive assessment, leaving no stone unturned to ensure your product aligns with the stringent requirements of the CRA.

Certification
πŸ•’4 to 8 weeks

Reaching CRA compliance is now within sight.
Phase 3, Certification, seals the deal, ensuring your IoT devices are not only secure but recognized as such. During this phase we ensure that the issues identified in Phase 2 have been addressed and establish the EU Authorized Representative contract, fulfilling the requirement for non-EU companies to have a Representative in the EU.

Continuous monitoring
πŸ•’device lifetime

In Phase 4, i46 focuses on continuous monitoring, ensuring your devices remain compliant with the Cyber Resilience Act throughout the lifetime of your devices. During this phase, we will conduct annual reviews of your product, and may exercise our mandate as EU Authorized Representatives if the occasion to do so arises.

Each phase, in detail.

↙

Includes EU Authorised Representative Services !

Initial Assessment
πŸ•’1 day
Free

initial assessment
Initial Assessment > Goals

The Initial Assessment

Every journey begins with a single step. And with us, that first step towards compliance is remarkably swift, thorough, and completely free. The Initial Assessment a one-day dive into your product's security posture, designed to clarify your path forward.
Our dedicated experts will scrutinize your documentation, architecture, and development processes. Within a day, you will receive a clear roadmap for achieving a robust, CRA-compliant future.

Requirements

β€’ General product description


β€’ Pictures of the device
β€’ Architecture and operating system,
β€’ Remote Access to one device.

Outcomes

β€’ Certification Approval : In most cases, we will confirm your product's eligibility for i46 certification within one working day.


β€’ Physical Product Request : For certain scenarios, we may ask you to deliver a physical unit to our lab for more in-depth analysis

Full Assessment
πŸ•’2 to 4 weeks
up to 7,500 euros

Full Assessment > Goals

The Full Assessment

The Full Assessment is a meticulous and comprehensive evaluation of your product or software, designed to provide you with a clear roadmap for achieving compliance.

Our experts will delve into every aspect of your product: architecture, security posture, development processes, data handling, and potential vulnerabilities. No detail is overlooked as we analyze your product against the stringent CRA standards.

The result is a personalized action plan, outlining the precise adjustments needed to ensure your product meets all compliance criteria.

Requirements

β€’ Design documents (if available),


β€’ Installation script for your software,
β€’ Any other relevant document.

Outcome

β€’ A detailed list of changes required for certification, pinpointing areas for improvement and ensuring compliance with the CRA's robust security standards.

Certification
πŸ•’4 to 8 weeks
up to 10,000 euros

Certification > Goals

The Certification

Building on the roadmap built in the previous phase, this phase takes your product on a transformative journey towards CRA compliance.

We focus on two key objectives: ensuring that all identified vulnerabilities identified earlier have been fixed and generating comprehensive compliance documentation.

This phase is more than just technical wizardry; it is the guarantee of CRA compliance At the end of this phase, we hand you the keys to compliance, empowering you to navigate the CRA landscape with confidence and ease.

Requirements

β€’ All issues uncovered during the assessment have been meticulously addressed,


β€’ The i46 cybersecurity compliance script is seamlessly integrated.
β€’ The EU Authorized Representative mandate is given to i46.

Outcomes

β€’ Certification documents that attest to your device's compliance: EU Certificate of Conformity, Technical Documentation and CE marking,


β€’ A new installer for your product
β€’ Your very own i46.io compliance server, ready to continuously monitor your devicess compliance status.

Authorized Representative Services

Non-EU companies looking to sell their connected devices and software in the European market face a hurdle: the Cyber Resilience Act demands a designated EU Authorised Representative.
This trusted legal entity acts as your bridge to the EU, ensuring your products comply with the Act's reporting requirements and assessment requirements.

But what exactly does it mean to have an Authorised Representative ? Think of it as a business and technical partner. From handling technical documentation and conformity assessments to dealing with authorities and responding to incidents, your representative becomes your voice in the EU.

This is where i46 revolutionizes the game. Unlike other providers who charge hefty fees for this essential service, i46 includes EU Authorized Representation as part of its basic package. This means unparalleled accessibility and affordability – a game-changer for smaller companies and startups who might otherwise be priced out of the European market.
With i46 as your EU Authorized Representative, you gain an experienced partner, not just a compliance checkbox

Continuous monitoring
πŸ•’device lifetime
10,000 euros per year + 1 euro per device

Status Dashboard - i46 Beta Program
Continuous Monitoring > Goals

Continuous monitoring

Achieving CRA compliance is a crucial first step, but ensuring your product remains compliant is a marathon, not a sprint.

In this phase, Continuous Monitoring, is where i46.io becomes your unwavering guardian, safeguarding your CE certification and, hence, CRA compliance throughout your product's lifecycle.

Here's how we safeguard your CE certification:

β€’ i46.io Server as Your Compliance Guardian: All CRA-compliant devices leverage the i46.io server for continuous monitoring, ensuring timely detection and response to potential threats,


β€’ No Unauthorized Access, No Exceptions: We uphold the integrity of your devices by strictly prohibiting unauthorized access, safeguarding CRA compliance,
β€’Yearly Checkups, for Long-Term Health: We conduct annual certification reviews to verify that your devices maintain compliance with evolving cybersecurity standards,
β€’Swift Action in Critical Moments: In the rare event of a security issue that cannot be resolved by i46.io, we'll initiate an immediate response, including mandatory vulnerability report to EU authorities.

Outcomes

β€’ Automatic Notifications, Keeping Everyone Informed : In case of a security issue, we automatically notify both end users and relevant authorities, aligning with legal requirements and fostering transparency,


β€’ User Empowerment, One Opt at a Time: End users have the autonomy to opt in or out of certain security features; this is a requirement of the CRA.
β€’ B2B Visibility, When Needed: For business-to-business devices, we offer optional access to i46.io, enabling greater visibility and control over device security.

↙

Continuous compliance, guaranteed.

β•°β”ˆβž€

Get started now, for free