Achieve OFDSS Compliance

OFDSS Compliance Involves:

• Identifying and mitigating material security risks pertaining to systems, infrastructure, networks, business operations, and vendors
• Inventorying and assigning accountability to all hardware and software assets relevant to the service
• Provisioning and deprovisioning system access based on the principle of least privilege
• Enforcing a formal change management process for governing software and application-related changes
• Encrypting sensitive data-in-transit and at-rest
• Retaining and deleting sensitive data in accordance with legal, regulatory, and contractual obligations
• Collecting keys system and user logs, monitoring on key metrics, alerting on suspicious events, and responding to incidents
• Segmenting trusted and untrusted networks and implementing network safeguards
• Training personnel on security basics such as social engineering and phishing