ESPs - Security Issues

123456
Across
  1. 4. ESPs should have robust disaster recovery plans to quickly restore data and services after incidents like system failures or natural disasters, minimising downtime and data loss.
  2. 5. Contracts should clearly outline ESP responsibility for data breaches, including obligations for breach notification, remediation, and compensation to mitigate impacts on the organisation.
  3. 6. Data should be encrypted both at rest and in transit to safeguard against interception or unauthorised access, particularly when sensitive information is stored or transferred.
Down
  1. 1. ESPs are often liable for data loss or damage, and agreements should define compensation and recovery measures to ensure data integrity and continuity.
  2. 2. ESPs must meet agreed security standards to protect sensitive data. Organisations should define these obligations in service agreements, covering aspects like access controls and data handling.
  3. 3. ESPs must comply with privacy laws (e.g., GDPR) to protect personal data. This includes limitations on data access and handling to prevent unauthorised use or disclosure.