Information inventory and its assessment
A detailed list of the information that is handled is recorded, together with its assessment as established in Annex I of the National Security Scheme (ENS).
Several causes may prevent fully achieving the objective proposed in the previous paragraph:
1. A security policy is lacking or insufficient.
2. The person responsible for any of the information processed is not named.
3. The assessment of the information is not formally approved.
In this case, the assessment will be made and argued by the security officer, at his best judgment, stating the reasons or reasoning. This assessment is only binding on the body until the formal assessment is available.
A deadline must be set for obtaining the formal assessment.
Thus, an inventory of information-type assets will be carried out, assessing confidentiality, integrity, authenticity, traceability and, if relevant, availability.
The National Security Scheme is limited to assessing those types of information that are relevant to the administrative process and can be processed in a service subject to Law 11/2007 on electronic access of citizens to public services. Examples include medical, fiscal and administrative data, contracts, resolutions, notifications, etc. In general, it is expected that these types of information are identified in some general or particular regulation of the body, which gives them their own entity and implies some duties of the administration regarding the treatment of that type of information.
The required security level is established separately for each dimension:
1. The level of security required in the confidentiality dimension will be established based on the consequences of its disclosure to unauthorized persons or to persons who do not need to know the information.
2. The level of security required in the integrity dimension will be established based on the consequences of its modification by someone who is not authorized to modify the information.
3. The level of security required in the authenticity dimension will be established based on the consequences of the information not being authentic.
4. The level of security required in the traceability dimension will be established based on the consequences of not being able to trace a posteriori who has accessed or modified certain information.
5. The level of security required in the availability dimension will be established based on the consequences of an authorized person not being able to access the information when they need it.
When an aspect does not require security measures, the valuation section will indicate "without valuation". Auxiliary data that are not a direct object of the administrative process and only appear as instrumental for the provision of services will not be directly assessed, for example directory services, passwords, etc. This list of information-type assets will be included in the risk analysis tool.
Each classified information asset will be valued according to the criteria described in Annex II of the ENS. The table below shows a list of information-type assets and their valuation based on the aforementioned criteria. These are the data that have been entered in the risk analysis tool.