Article 32 of the GDPR requires the controllers and the processors to implement appropriate
technical and organizational measures to ensure a
level of security appropriate to the risk, including inter alia as appropriate:
(a) the pseudonymization and encryption of personal data;
(b) the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services;
(c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
Our IT Security team has years of experience in designing and delivering technology-enabled business solutions to businesses of any size empowering such businesses with both efficacy and efficiency while respecting and protecting the use of personal data as required by the GDPR.
How is this achieved?
Security Audit
- On-site visits
- Network risk assessment
- Security processes cataloging
- Incident response procedures recording
- Security report laying down any vulnerabilities discovered and measures to overcome them
Security Measures Implementation
- Antimalware protection deployments
- Edge protection, email sanitizing, firewalling
- Systems health monitoring and automated patching
- Penetration testing services
- Network and wireless network security
- Data archiving and DLP solutions implementation
- Encryption and key management
- Business continuity designs
- Hardware and software asset management
- Incident response handling
- Systems centralized event logging deployment