Key technical security safeguards

Mostly depends on the kind of data processing carried on by the controller or the processor (i.e. is it a computer or paper-based data processing?). 

Article 32 GDPR let the controller determine what technical security safeguards to ensure a level of security appropriate to the risk and able to guarantee:

• integrity
• availability
• confidentiality
• resilience of systems

Of course, in computer-based data processing some basic technical security safeguards are:

• antivirus
• antimalware
• access control (with different level of account restrictions)
• two-factor authentication
• the use of a VPN service

The GDPR suggests also to prefer cryptography and pseudonymization of data when possible. Any specific remedy is listed because the aim of the GDPR is to set principles that can resist to technology evolution.

You can find more information here:

• Article 32 GDPR: https://advisera.com/eugdpracademy/gdpr/security-of-processing/
• How cybersecurity solutions can help with GDPR compliance: https://advisera.com/eugdpracademy/blog/2017/11/27/how-cybersecurity-solutions-can-help-with-gdpr-compliance/
• Does ISO 27001 implementation satisfy EU GDPR requirements? https://advisera.com/27001academy/blog/2016/10/17/does-iso-27001-implementation-satisfy-eu-gdpr-requirements/

You can also consider enrolling in our free EU GDPR Foundations Course

• EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//