Document Actions
The approach
Without an updated and precise security policy, and without the countermeasures needed to enforce its actuation, one cannot think to be safe. The security process implies analysis, consulting and then the solutions to protect the enterprise from security hazards.
Scenario
The growth of the Internet has brought into strict contact IT operators that were previously isolated: new technologies grant an enormous number of new interactions with prospect customers, providers, information sources, etcetera. The problem is that this is also valid for criminal structures: everyday, anytime by day or by night a computer on the public net is accessible from every connected computer. Without an updated and precise security policy, and without the countermeasures needed to enforce its actuation, one cannot think to be safe.
The menace represented by the sanctions is a small deterrent: through the Web, a break can come from every computer on earth, from countries where laws in force are different from Italy’s own. To prosecute an hacker can be almost impossible: the only effective measure is prevention.
The process
- Analysis: the enterprise becomes compliant with the requirements of the law on privacy. All the security problems that the law doesn’t deal with, remain.
- Consulting: Study on the most effective measures to put side by side with legal requirements.
- Solutions: the enterprise is protected from IT hazards.
Protecting one’s data and programs, one’s procedures as well as one’s personal data is a necessity. The integrity of the enterprise and of the services it offers depend on it.
Furthermore, since 1966, laws provide for the obligation of granting the minimal security provisions for personal data even though they are not used for personal purposes. Handling of personal data is regarded (Art. 2050 of Civil Code) a “dangerous activity”, and demonstrating to have adopted all the provisions apt to prevent damage to third parties is in charge of the subject handling the data.