Search


Implement Data Protection

(Back)

Objective

Safeguard information and assets hosted in cloud, from unauthorized access, use, disclosure, modification, disposal, transmission, or destruction throughout their life cycle.

Key Considerations

Additional Considerations

Validation

References

  1. Directive on Security Management - Appendix B: Mandatory Procedures for Information Technology Security Control, subsections B.2.3.4
  2. SPIN 2017-01, subsection 6.2.4
  3. Refer to the cryptography guidance in 40.111 and 40.062.
  4. Refer to the guidance in Considerations for Cryptography in Commercial Cloud Services.
  5. Refer to Section 4.4.1.10 of the Directive on Service and Digital
  6. Related security controls: SC‑8, SC‑8(1), SC‑12, SC‑13, SC‑17, SC‑28, SC‑28(1)