Filter by Category

What is the PDPC?

The PDPC enforces data security regulations set by the PDPA in Singapore.

Governments are taking more steps than ever to protect their citizens’ personal data online – and some have been doing so for longer than others. Singapore’s Personal Data Protection Commission (PDPC) was established in 2013, and since then has helped to foster privacy regulations for citizens of the Republic of Singapore.

What is the PDPC?

The Republic of Singapore created the Personal Data Protection Act of 2012 (PDPA) to “govern the collection, use, disclosure, and care of personal data.” The PDPC is the regulatory authority that oversees and enforces the PDPA – they ensure that industries are meeting the baseline level of protection stated by the PDPA, either by fitting into existing laws and regulatory frameworks, or by supporting the creation of new ones.

Related Reading: PDPA in Singapore Helps Protect Personal Data

The PDPC assesses what organizations do to protect data and delivers instructions to comply where needed. As the PDPC works to balance business needs for personal data and individual’s rights to data privacy, it encourages education for Singaporeans around both how to protect personal data, especially from misuse, and how to properly disclose personal data.

What is the Oversight?

The PDPA states that organizations must take proper security measures to protect personal data from data breach risks, including unauthorized access, data breaches, and modification of data, among others. Noncompliance – either from a lack of protection or a data breach – can result in fines of $10,000 per offense and an order to cease business activities that include personal data.

Related Reading: Data Breaches in Singapore Spur Increased Cybersecurity Measures

How Can You Meet PDPA Requirements?

Most cybersecurity comes down to three pillars: people, process, technology, and the PDPC fittingly splits data protection measures into 3 categories: administrative, physical, and technical.

While physical safeguards, like storing paper documents in locked filing systems or properly disposing of confidential information, can be effective for printed information, technical safeguards can do the same – and more – for virtual data. A technical solution can protect data by continuously working to prevent unauthorized access, encrypting sensitive data, and sending data via secure email.

How GoAnywhere Helps Meet PDPC Requirements

A managed file transfer solution can boost your organization’s security, and help meet the following five PDPC requirements, and many more!

1. Regularly audit to uncover vulnerabilities and non-compliance

GoAnywhere logs file transfer activities and actions taken by users in detail, which makes auditing simple. And, you can take your auditing even further with the Advanced Reporting module.

2. Implement an authentication method for accessing personal data

Access control mechanisms are available out-of-the-box with GoAnywhere, including multi-factor authentication and the ability to integrate with other authentication resources, including federated SSO and LDAP.

GoAnywhere also makes it easy to limit the number of access attempts for users, and also helps to prevent brute-force attacks.

3. Define user roles or groups and their access rights

By providing a role-based access control model, as well as the ability to create custom roles to limit access further, GoAnywhere helps to keep access privileges with the right users.

4. Set appropriate password requirements

Ensuring employees have appropriate passwords – and change them regularly – is a crucial step for meeting both the administrative and technical requirements of PDPA. With GoAnywhere, you can configure password complexity requirements and set expiration dates. Passwords are doubly protected with masking and hashed in storage.

5. Use anti-malware software

Bring your managed file transfer, adaptive data loss prevention, and threat prevention together with GoAnywhere’s ICAP integration with Clearswift. Centralize and streamline your data security while protecting it from threats across the board.

Cloud Service Provider Requirements

With cloud software options becoming increasingly popular, the PDPC recently issued guidelines about how to safely use cloud service providers and meet PDPA requirements: whether overseas or in Singapore, cloud service providers must observe the PDPA. And, the organization using the provider is ultimately responsible for ensuring that they are complying, including data processing, retention, and protection.

Selecting software that already conforms to PDPA requirements and makes complying simpler is common sense. And, you get to reduce your workload by getting all the benefits of a cloud solution while using software that ensures your organization is meeting PDPA at the same time.

Securing Your Data

Discover how managed file transfer can offer businesses the technical security measures they need to comply with the PDPA.

Watch our Getting Started Webinar

Related Posts

Data Breaches in Singapore Spur Increased Cybersecurity Measures

Data breaches made headlines in Singapore, spurring a new committee to address prevention. MFT is a robust defense option for the government and others.

Is Your File Transfer Solution Meeting Business Requirements?

Ask yourself if your file transfer solution (or mixed bag of solutions), is truly meeting your business needs. Managed file transfer software, like GoAnywhere, may be the answer you need.

PDPA in Singapore Helps Protect Personal Data

Protecting personal data is the law in Singapore thanks to the PDPA of 2012.

Take Your Data Security One Step Further with MFT

If you’re unsure which MFT tool is right for you, consider a solution like GoAnywhere MFT where you can go one step further.

What’s the Difference Between the Cloud and SaaS?

The cloud and SaaS may seem the same, however, these two terms refer to very different things. Discover the main distinctions.