X
GO
GDPR Solutions

As part of the implementation of the General Data Protection Regulation (GRPR), ANVOLE offers to assist you in the accomplishment of certain steps necessary for securing. Do not hesitate to contact us for more information.

Contact US
  • Adresse : Anvole S.A.S.
    Centre d'Affaires BeBooster, 12 rue des Arts et Métiers
    97200 Le Fort-De-France, Martinique, FWI
  • Téléphone: (+596)-696-003500
  • Email : contact@anvole.com
  • Skype : anvole.com
  • Site web : www.anvole.com
GDPR Security Steps

User Awareness

  • Inform and sensitize people handling the data
  • Write a computer charter and give it a binding force

User Authentication

  • Defining a unique login for each user
  • Adoption of user password policy in accordance with our recommendations
  • Obligation for the user to change his password after reset
  • Implementation of multifactor authentication solution (telephone token, smart card)
  • Limiting the number of attempts to access an account

Entitlement Management

  • Definition of authorization profiles
  • Deleting obsolete access permissions
  • Conduct annual review of authorizations

Access tracing and incident management

  • Implementation of logging system of type SYSLOG
  • Protection of logging equipment and logged information
  • Drafting procedures for notifications of personal data breaches

Securing workstations

  • Desktop Security Audit
  • Automatic session locking procedure, securing protocols
  • Implementation of regularly updated antivirus
  • Software firewall implementation

Securing mobile computing

  • Implementation of encryption means of mobile equipment
  • Implementation of regular backups or synchronizations of data
  • Secrecy requirement for unlocking smartphones

Protection of the internal computer network

  • Limiting network flows to the bare necessities
  • Securing remote access of mobile computing devices by VPN
  • Implementation of WPA2 or WPA2-PSK protocols for Wi-Fi networks

Securing the servers

  • Limiting access to administrative tools and interfaces to only authorized people
  • Installation of critical updates, antivirus, monitoring tools
  • Implementing backup, high availability, and resiliency of data

Securing websites

  • TLS protocol implementation, disable SSL, NTLM, SMBv1
  • Verification that no password or ID passes in the URLs
  • Implementation of a consent banner for cookies not needed for the service

Backing up and implementing business continuity

  • Implementation of regular backups on primary, secondary and cloud sites
  • Storage of backup media in secure locations
  • Regular business continuity tests

Archiving securely

  • Implementation of specific access procedures for archived data
  • Destruction of obsolete archives in a secure way

Securing exchanges with external organizations

  • Encrypting data before sending it