CNIL guide 2018 – “Security of Personal Data”

in English, incl.

  • Raising user awareness
  • Authenticating users
  • Access Management
  • Logging access and managing incidents
  • Securing workstations
  • Securing mobile data processing
  • Protecting the internal network
  • Securing servers
  • Securing websites
  • Ensuring continuity
  • Archiving securely
  • Supervising maintenance and data destruction
  • Managing data processors
  • Securing exchanges with other organisations
  • Physical security
  • Supervising software development
  • Encrypting, guaranteeing integrity and signing
  • Assess the security level of the personal data in your organisation

https://www.cnil.fr/sites/default/files/atoms/files/cnil_guide_securite_personnelle_gb_web.pdf

ENISA: Handbook on Security of Personal Data Processing

“The overall scope of the report is to provide practical demonstrations and interpretation of the methodological steps of the ENISA’s 2016 guidelines for SMEs on the security of personal data processing. This is performed through specific use cases and pragmatic processing operations that are common for all SMEs.”

https://www.enisa.europa.eu/publications/handbook-on-security-of-personal-data-processing