ICT security measures

Aspects of data security.

Talking about the security of personal data implicitly alludes to various facts and aspects of a different nature that are complementary to each other.

These elements, considered as the three aspects of data security, are:

1. Confidentiality: personal data are recorded and saved in order to fulfill the function specified in the declaration of the file. For this, it is necessary that certain people, expressly authorized based on their work, access these data to proceed with their treatment. No other unauthorized person may have access to the protected personal data.

2. Integrity: means that no unauthorized person may manipulate or change the data for fraudulent purposes.

3. Availability: means that an incident must be prevented from causing the unavailability of access systems to personal data. Availability is one of the most attacked aspects of servers connected to the Internet. This is mainly due to the vulnerability of complex server systems, with software that is still plagued with errors that occur in extreme situations and are exploited by attackers.

General disposition.

Article 79 of the RLOPD states that security measures must be implemented for all files, regardless of their treatment system.

The security measures required for files and treatments are regulated in article 80 and following of the RLOPD, and are classified into three levels: basic, medium and high.

Each of these levels entails a series of security measures that will be applied depending on the type of personal data that is being processed.

The security levels are set out below according to the type of data to be processed:

1. Basic security level: contains the security measures to be applied to all files that contain data considered basic. They are data of basic characteristics of the person, such as name, surname, address, etc.

2. Medium security level: contains the security measures to be applied, in addition to the basic level, to the files that process personal data that deal with the following matters: commission of administrative or criminal offenses, public finances, financial services, Social Security and mutual insurance companies for accidents at work, and the files referring to financial solvency and credit.

3. High security level: contains the security measures to be applied, in addition to the medium level, to files with personal data, called specially protected, related to: ideology, religion, beliefs, racial origin, health, sexual life, data derived from gender violence and files collected for police purposes without the consent of the affected persons.

All these measures are cumulative, that is, complying with the high-level security measures also means complying with the basic and medium-level measures at the same time.

In the case of information systems with files of different security levels, the files may be segregated by security level and the corresponding security measures applied to each level, provided that the affected users and data can be defined.

Exceptions in the application of high-level measures.

Sections 5 and 6 of article 81 of the RLOPD establish a number of exceptions in the application of high-level measures depending on the purpose of the data.

Therefore, the implementation of basic level measures will suffice when:

1. The data is used for the sole purpose of making a monetary transfer to the entities of which those affected are associates or members.

2. In the case of files or treatments in which those data are contained incidentally, without being related to their purpose.

3. There are health data related only to disabilities or the simple declaration of invalidity due to the fulfillment of public duties.

Delegation of authorizations.

As established in article 84 of the RLOPD, the person responsible for the file may delegate to the people he designates those authorizations that the RLOPD attributes directly to him.

The security document must state the persons authorized to grant these authorizations, as well as those on whom said delegation falls and the date thereof. In no case does this designation imply a delegation of the responsibility that corresponds to the person responsible for the file.

 
