An organization suffered a personal data breach. The attackers gained access to their database through a user account that had unlimited access to dat
a. What should the DPO advise the organization to do in order to prevent the recurrence of similar scenarios?
GDPR Article 32(1)(b) emphasizes implementing access controls to ensure data security. Reviewing and restricting account permissions using the principle of least privilege (PoLP) helps prevent unauthorized access. Shared accounts (option C) increase security risks, and using cloud computing (option B) does not directly address access control vulnerabilities.
Currently there are no comments in this discussion, be the first to comment!