Difference between revisions of "Technical Guidance"

From Cybersec Standards
Jump to: navigation, search
 
Line 19: Line 19:
  
 
=== Mobile App Security ===
 
=== Mobile App Security ===
 +
* [https://github.com/OWASP/owasp-mstg/tree/master/Checklists OWASP Mobile App Security Checklist]
 
* [https://github.com/OWASP/owasp-mstg OWASP Mobile Security Testing Guide (MSTG)]
 
* [https://github.com/OWASP/owasp-mstg OWASP Mobile Security Testing Guide (MSTG)]
 
* [https://github.com/OWASP/owasp-masvs OWASP Mobile Application Security Verification Standard]
 
* [https://github.com/OWASP/owasp-masvs OWASP Mobile Application Security Verification Standard]
* [https://github.com/OWASP/owasp-mstg/tree/master/Checklists OWASP Mobile App Security Checklist]
 
 
* [https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/SecurityDevelopmentChecklists/SecurityDevelopmentChecklists.html Apple Security Development Checklists]
 
* [https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/SecurityDevelopmentChecklists/SecurityDevelopmentChecklists.html Apple Security Development Checklists]
  

Latest revision as of 01:07, 26 July 2020

This is a collection of external resources for implementing security controls in compliance with data protection and privacy laws.

Technical Security Controls:

Access Control

Implement least privilege, restrict users to only the functionality, data and system information that is required to perform their tasks.

Data Integrity

Data records must be protected from unauthorized modification to ensure data quality and integrity.

Data Protection

Data records, especially sensitive data, must be protected from unauthorized access.

Code Security

Mobile App Security

Healthcare Industry Security

Privacy Compliance:

Data Protection Impact Assessment (DPIA)

Privacy and Anonymity