Services We Offer
Turn-key Solutions for Data Privacy Act Compliance
IT Services
-
Data Leakage and Loss Prevention (DLP)
-
Encryption (Endpoint/Email/URL)
-
Firewall / Web Filtering
-
Intrusion Prevention System
-
Multi-Factor Authentication
-
Server Hardening / Application White-listing
-
Mobile Device Management
-
Access Control
-
Vulnerability Assessment
-
Patch Management
-
Security Information & Event Manager
-
Data Center Security
Legal Services
-
Assist in Data Privacy Governance
-
Risk Assessment / Privacy Impact Assessment
-
Drafting of Internal Data Privacy Rules & Regulations
-
Evaluation of daily Personal Information Life Cycle processes
-
Evaluation of Physical Collection & Security Processes
-
Data Breach Management
-
Internal Training for Data Protection Compliance
-
Establish Third Party Rules & Agreements
-
Preparation and Registration of Personal Data Processing system with the NPC
-
DPO Function Consulting
Guidelines for Technical Security Measures
Where appropriate, personal information controllers and personal information processors shall adopt and establish the following technical security measures:
-
A security policy with respect to the processing of personal data;
-
Safeguards to protect their computer network against accidental, unlawful or unauthorized usage, any interference which will affect a data integrity or hinder the functioning or availability of the system, and unauthorized access through an electronic network;
-
The ability to ensure and maintain the confidentiality, integrity, availability, and resilience of their processing systems and services;
-
Regular monitoring for security breaches, and a process both for identifying and accessing reasonably foreseeable vulnerabilities in their computer networks, and for taking preventive, corrective, and mitigating action against security incidents that can lead to a personal data breach;
-
The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
-
A process for regularly testing, assessing, and evaluating the effectiveness of security measures;
-
Encryption of personal data during storage and while in transit, authentication process, and other technical security measures that control and limit access.