Monitoring Personal Data Security
The systems of data controllers are mostly exposed to both internal and external attacks, cybercrime or malicious software, and despite various symptoms, this situation cannot be noticed for a long time and it may be late for intervention.
👇👇👇 Click
In order to prevent this situation;
a) Checking which software and services are running in information networks,
b) Determining whether there is an infiltration or that should not occur in the information networks,
c) Keeping the transaction records of all users regularly (such as log records),
d) Reporting security issues as quickly as possible,
e) A formal reporting procedure should be established for employees to report security vulnerabilities in systems and services or threats using them.
The reports to be generated during the said reporting process may be automatic reports to be generated by the system. These reports should be aggregated by the system administrator as soon as possible and submitted to the data controller.
Also;
√ security software messages,
√ access control records,
√ regular checking of other reporting tools,
√ taking action on warnings from these systems,
√ regular vulnerability scans to protect information systems against known vulnerabilities, and
√ making evaluations based on the results of the tests regarding the security vulnerabilities revealed by performing penetration tests are required.
Evidence should be collected and securely stored in undesirable events such as
* the crash of the information system,
* malicious software,
* denial-of-service (DOS) attack,
* incomplete or incorrect data entry,
* violations of confidentiality and integrity,
*abuse of the information system.
No comments:
Post a Comment
Your comment will taken into consideration.