Difference between revisions of "Technical Guidance"

From Cybersec Standards
Line 1: Line 1:
 
This is a collection of external resources for implementing security controls in compliance with data protection and privacy laws.
 
This is a collection of external resources for implementing security controls in compliance with data protection and privacy laws.
  
=== Technical Security Controls: ===
+
== Technical Security Controls: ==
==== Access Control ====
+
=== Access Control ===
 
Implement least privilege, restrict users to only the functionality, data and system information that is required to perform their tasks.
 
Implement least privilege, restrict users to only the functionality, data and system information that is required to perform their tasks.
  
 
* [https://cheatsheetseries.owasp.org/cheatsheets/Access_Control_Cheat_Sheet.html OWASP Access Control Cheat Sheet]
 
* [https://cheatsheetseries.owasp.org/cheatsheets/Access_Control_Cheat_Sheet.html OWASP Access Control Cheat Sheet]
  
==== Data Integrity ====
+
=== Data Integrity ===
 
Data records must be protected from unauthorized modification to ensure data quality and integrity.
 
Data records must be protected from unauthorized modification to ensure data quality and integrity.
  
==== Data Protection ====
+
=== Data Protection ===
 
Data records, especially sensitive data, must be protected from unauthorized access.
 
Data records, especially sensitive data, must be protected from unauthorized access.
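Review bot: The promoted top-level heading `== Technical Security Controls: ==` still carries its trailing colon, which becomes part of the section title and its anchor. Since this revision already touches every heading to raise it one level, drop the colon in the same edit so the heading reads `== Technical Security Controls ==`. The other three headings (`=== Access Control ===`, `=== Data Integrity ===`, `=== Data Protection ===`) are promoted consistently and need no change.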
  

Revision as of 00:05, 26 July 2020

This is a collection of external resources for implementing security controls in compliance with data protection and privacy laws.

Technical Security Controls:

Access Control

Implement least privilege: restrict users to only the functionality, data and system information required to perform their tasks.

Data Integrity

Data records must be protected from unauthorized modification to ensure data quality and integrity.

Data Protection

Data records, especially sensitive data, must be protected from unauthorized access.

Healthcare Industry Security

Mobile App Security

Privacy Compliance:

Data Protection Impact Assessment (DPIA)

Privacy and Anonymity