Standard security measures

In the register of processing activities you can indicate which security measures you have taken to protect personal data. A number of frequently applied measures are described below.

Use https: It is wise to provide each website with an SSL certificate. The address then changes from http: // … to https: // … Encryption is now applied.

Drafting an Information security policy
Setting up and implementing an information security management system (ISMS)
External testing and certification of ISMS against ‘Security Verified’ standard
External testing and certification of ISMS against ISO 2700 standard
Screening of employees
Security awareness training for employees
Drafting and maintaining of risk inventory
Keep an incident register
Installation of firewall
Installation of virus scanner
Protection against data loss
Regular and structural backup of data
Encryption of data in the database
Encryption of hard disks / storage
Encryption of data during transport
Regular PEN testing of systems by external ethical hackers
Having a responsible disclosure policy
Use two-factor or multi-factor authentication
Establishing rules for choosing and recording passwords
Appoint a Data Protection Officer
Drafting and publishing on the website of a privacy statement
Mandatory password protection on laptops and other mobile devices
Mandatory encryption on laptops and other mobile devices

Standard security measures

ITIL and service management: a short introduction

open standard Security Verified updated

Is COBOL futureproof? COBOL in 2024

VU university business track research projects

NOREA recommends CIS controls against ransomware