From Cybersec Standards
Jump to: navigation, search


This guidance is based on Information Act 2018 (Act No. 9 of 2018)

Who Does This Privacy Law Apply To?

What Data Does This Privacy Law Apply To?

When Was This Privacy Law Enacted?

Where Does This Privacy Law Have Jurisdiction?

How Must Data Be Protected?

OWASP-Recommended Security Controls:

Access Control

  • If state data must be stored on the client, use encryption and integrity checking on the server side to catch state tampering

Data Integrity

  • Securely implement transaction authorization to protect the transaction integrity

Data Protection

  • Implement least privilege, restrict users to only the functionality, data and system information that is required to perform their tasks

How Long Can Data Be Retained Under This Privacy Law?

COVID-19 Apps In This Region

External Links