10 measures for the protection of data in your company

Published on by Paloma SIGGINI - updated on

1. Appoint an in-house project lead, preferably a member of the Executive Committee involved in company management whose authority cannot be contested

2. Conduct an audit, preferably of the security measures applied to personal data processing

3. Map the data: where is it? In the cloud? In which part of the infrastructure?

4. Establish a timetable for compliance: define technical, organisational and legal actions

5. Establish a communication plan suited to each team's line of business and environment

6. Define a methodology for the various compliance players (legal department, compliance department, CISO/ISSO, marketing and communication department, etc.)

7. Select a methodology to deploy accountability: define pseudonymisation techniques, create a framework for data transfers, subcontracting, etc.

8. Define how data portability will be set up

9. Work to increase subcontractor obligations: what audit level? How can you ensure data is returned and/or no longer accessible at contract termination?

10. Implement an impact assessment methodology covering the minimisation of collected data, the projects and aims to be determined, and security issues
