Dear friends,
I am attaching copy of Information Technology (Reasonable Security Practices & Procedures & Sensitive Personal Data or Information) Rules 2011 notified by the government on 11.4.2011.
As per the rules, password is treated as one of the sensitive personal data or information and company is required to publish on its website privacy policy for handling or dealing in such information. Companies implementing notified IS/ISO/IEC 27001 standard will be deemed to have complied with reasonable security practices and procedures if the same is certified or audited regularly by approved independent auditor.
It seems that all companies will have to take steps for providing secured passwords for e-mail systems, SAP system etc. Experts in IT sector may please share their views on this since currently even SAP does not provide system of secured passwords.
Regards,
From India, Malappuram
1444I am attaching copy of Information Technology (Reasonable Security Practices & Procedures & Sensitive Personal Data or Information) Rules 2011 notified by the government on 11.4.2011.
As per the rules, password is treated as one of the sensitive personal data or information and company is required to publish on its website privacy policy for handling or dealing in such information. Companies implementing notified IS/ISO/IEC 27001 standard will be deemed to have complied with reasonable security practices and procedures if the same is certified or audited regularly by approved independent auditor.
It seems that all companies will have to take steps for providing secured passwords for e-mail systems, SAP system etc. Experts in IT sector may please share their views on this since currently even SAP does not provide system of secured passwords.
Regards,
From India, Malappuram
Community Support and Knowledge-base on business, career and organisational prospects and issues - Register and Log In to CiteHR and post your query, download formats and be part of a fostered community of professionals.
MW-Jan-June'18- Security.pdf
The National Security Act 2009.doc