Is your data offshore – can you audit its protection?
The HMG Security Policy Framework mandates that even data held offshore can be audited to the same level as if it were held in the UK.
Can you guarantee the data centre abroad that’s holding your data meets UK government physical security standards? Have you audited that?
Have staff with admin access in those data centres offshore been security vetted?
Don’t let Internal Audit or the Cabinet Office be the ones to find holes in your offshore data security or you project may well be stopped!
No related posts.