Measures to ensure integrity. 1. Data integrity The installation or patching processes ensure appropriate backups are taken prior to any upgrade.
Measures to ensure integrity. 2.1. Disclosure/transmission (Aspects of the disclosure (transmission) of personal data must be regulated: electronic transmission, data transport, and their control) ☒ There is a secure method of sending data between the Client, Contractor and third parties. ☒ Encrypted ZIP files are possible for email transmission. ☒ Use of VPN connections. ☒ Data exchange takes place via SSL (https) encryption. ☒ Documented management of mobile end devices and data storage media. ☒ Safe disposal/secure erasure of data storage media has been ensured. ☒ Use of document shredders (in accordance with DIN 66399).
Measures to ensure integrity. Data transfer control Measures for migration, transfer, transmission, or storage of data to or on data carriers (manually or electronically), and measures for subsequent review. The measures ensure that personal data or confidential data cannot be read, copied, altered or removed without authorization during their electronic transmission or during their transport or storage on data carriers and that it is possible to verify and establish the points to which personal data are to be transmitted by data transmission facilities. Description of controls in place / measures taken: - Clients’ data received for software support are received via secure communication channels and stored securely for the duration of the support ticket. Email attachments are not allowed. - An established acceptable use policy that is documented and regularly reviewed based on business and information security requirements. - Media containing information is protected against unauthorized access, misuse, or corruption during transportation. - Formal transfer policies, procedures, and controls are in place to protect or, where appropriate, prevent the transfer of information to removable media or communication facilities. - Information transferred within ASG’s electronic messaging is appropriately protected and encrypted. • Input control Measures for subsequent review whether and by whom data were input, modified, or removed (erased). The measures ensure that it can be subsequently verified and established whether and by whom personal data have been entered into, modified in or removed from computer systems. Description of controls in place / measures taken: - Unauthorized parties are prevented by appropriate measures such as firewalls, intrusion detection and prevention systems, logging and evaluation as well as multi- factor authentication and VPN. - All critical devices, systems, databases and applications must have logging enabled to capture sufficient information to establish a proper verifiability of occurring events. - Log information is protected against unauthorized access. - Access to systems, applications and the underlying data is always based on individual, personally associated user identifiers. - The use of privileged utility software is consistently logged and access is restricted. • Order Control - An established policy regarding commissioned data processing that is documented and regularly reviewed based on business and information security requirements. Employees are i...
Measures to ensure integrity. 1. Data integrity Measures to ensure that stored personal data cannot be corrupted by means of a malfunctioning of the system. Description of data integrity: Processor employs an automated testing system for new releases which verifies the correctness of the changed component. Components that fail these tests will not be deployed to a production environment. Changes to Processor’s main database are logged, can be audited and rolled back on a per change basis. To ensure against unintentional data corruption the production system is segregated from other environments.
Measures to ensure integrity. Integrity refers to ensuring the correctness (integrity) of data and the correct functioning of systems.
