Information security overview

So precious!

In the entire world there is not one company – private or public – that does not collect, merge or process data in its information system. The government collects data to calculate pensions, for example, to impose taxes correctly or to reimburse medical costs. Companies collect employee data to pay their salaries. Supermarkets collect data about customers' buying behaviour through loyalty cards so they can adapt their sales politics, …
Information has consequently become a precious thing. And valuable treasures require extra protection, which was not really difficult until not so long ago. Every organisation had its own isolated computer network which could easily be protected with simple measures. A good lock on the door, a properly working programme and a daily backup were enough.

But this would soon change: in no time everybody became connected to anybody through the internet, and the wave of new information and communication technologies is endless. This obviously requires very different and more complex protection methods.

Getting started Sense and nonsense in security

An information security policy

How do companies start drawing up an information security policy in order for the information they possess to benefit from optimum protection against all sorts of dangers for their existence?

More on the information security policy

The risks when processing data and who is responsible

Because the abuse of personal data can have an enormous impact on our lives, the Privacy Act imposes additional rules. It is also important who exactly will be responsible for the information security policy.

More about the risks and who is responsible

Reference measures

There are several international models and guidelines to assist organisations in the elaboration of an information security policy. The Privacy Commission has also drawn up its own model helping controllers to secure the personal data they wish to process.

For all data processing operations:

"Reference measures for the security of personal data processing"