
BayLDA checks the security of email accounts

Following the two procedures “Ransomware Prevention” and “Self-disclosures from prospective tenants,” a preventive audit on the topic of securing email accounts is now being conducted. Unlike the self-disclosure process, this is an ongoing audit with no scheduled end date. For this purpose, the BayLDA conducts audits to identify fundamental security gaps or deficiencies in the IT organization and thus alert controllers to the need for measures to be implemented before an incident occurs. Even though the preventive nature of the BayLDA’s data protection controls is emphasized, since the GDPR came into force the data protection supervisory authority also has the fundamental option of imposing fines on controllers for violations of processing security in accordance with Art. 32 GDPR.

Cover letters to companies

For this purpose, letters were sent to companies in the target group “banks, medium-sized businesses, and manufacturing” to inform them about the project. The statement read: “As part of our statutory duties, we are using the questions in our attached prevention assessment to examine randomly selected controllers with regard to basic security requirements when handling email accounts in accordance with Art. 32 GDPR.” The reason given for this was that “over the past several months, an increased incidence of cyberattacks on the email accounts of controllers in Bavaria has been recorded.”

Test sheet

In addition, those responsible were asked to complete the enclosed checklist and submit it to the BayLDA. Failure to comply with this request within the deadline will result in the issuance of a formal order pursuant to Art. 58 (1) (a) GDPR, including the threat of a penalty fine. The checklist covers five topics: “Phishing awareness and general security awareness,” “Passwords, multi-factor authentication, and user management,” “Administrative account maintenance and configuration,” “Data traffic review,” and “Device and patch management, as well as a backup concept.” These main points ask whether measures have been taken to prevent potential attacks and to ensure the protection of email accounts as a precautionary measure.

Handout

A guide to the assessment form is also provided to assist with completion. This checklist-like list presents essential elements related to the key audit topics. However, this document is not only useful for companies that have been requested to provide feedback – this catalog of measures can also be used by other companies, as it outlines the fundamental requirements for handling email accounts in accordance with Art. 32 GDPR. The catalog can therefore be used as part of an individual assessment of security standards.
