Technical measures adopted in order to guarantee the safeguarding of personal data:
Security at network layer.
In order to avoid inappropriate accesses, the first protection level is placed at network layer using a secure infrastructure protected from external access with a perimeter firewall and creating an internal network segmentation with subnets based on systems use and accessibility, protected by access control lists. In addition, to avoid remote unauthorized accesses, this connections will be done through servers working as gateways, requiring the users to have a previous credential validation only available to privileged ones.
Vulnerability and intrusion detection systems ensure the security and integrity of the network and the devices connected to it.
Security at computer layer.
Other actions are taken in the devices to guarantee their security, keeping their operating systems and software updated with all recommended security patches and protecting them with firewalls, updated antivirus and own control access and attack detection tools.
Security at user layer.
Control access to data stored in our systems is based upon personal accounts protected by passwords with a guaranteed complexity to avoid brute force access attacks to these accounts. Only staff that must have access to stored personal data will get an account with these privileges.
Some actions are carried out with staff to promote awareness related to computer security.
Special measures, such as encryption, will be considered in those cases that could be a risk for confidentiality and integrity when manipulating and/or transferring data.In this way, a secure email system is provided over an encrypted channel to avoid data interception by other people.
Periodic security copies of stored data are made over other devices placed in different locations from computer which store original data, saving different generations of copies in order to ensure the ability to recover stored data in case of loss or corruption of these.
These measures are reviewed periodically in order to guarantee the security in network, connected devices and stored data.