Skip to content
FR EN

Handbook of Sustainable Design of Digital Services

MENU
← go back
Backend    ODD#12     ODD#13    
❐ copy the link

Recommendation : 1. Reduce the impact of data from its storage and access

Is sensitive user data secure ?

Recommendation 

security

A People

B Planet

A Prosperity

Difficulty

**

Priority

High

Récurrence

OnUpdate

Tests

What safeguards are in place for sensitive data?

Precisions

The GDPR requires the implementation of a PIA, which must be effectively monitored and integrated into the quality processes. Beforehand, all solutions for securing sensitive data should be deployed and validated.

Use Case

Risks assessment

Additional elements

Operational issues related to the project

Posts

Rule for assessing the level of compliance of the criterion

Number of sensitive data analyzed / Number of sensitive data

Life cycle

Déploiement

19 other criteria related to the recommendation: Reduce the impact of data from its storage and access

Recommendation Essential

Data

Is the number of requests kept to a minimum (no looping) ?
Advice

Data

Is an alternative to SQL queries used when possible (local storage or similar) ?
Recommendation

Data

Do implemented queries use joins rather than multiple queries ?
Advice

Data

Can data be backed up incrementally ?
Recommendation

Data

Is the removal of obsolete data being managed ?
Recommendation

Data

Are database indexes consistent with operations ?
Advice

Data

Is an alternative to the relational model being considered ?
Advice

Data

Is a NoSql solution more efficient than its relational equivalent ?
Advice

Data

Have the different data access solutions (queries, triggers, stored procedures) been tested ?
Advice

Data

Are EXPLAIN clauses used on "Slow queries" to optimize indexes ?
Advice

Data

Are the slow query detection thresholds set effectively ?
Recommendation

Data

Are "live" and "dead" data handled differently (eg: Slow storage for "dead" data) ?
Recommendation

Data

Is frequently accessed data available in RAM ?
Recommendation

Data

Are data replications between multiple Database Engine (Cluster) instances appropriate for sensitivity and availability requirement ?
Recommendation

Data processing

Does the data have an expiration date when it is deleted ?
Recommendation

Data processing

Is sensitive data collected ?
Recommendation

Data processing

Is the data collected really useful ?
Recommendation

Data processing

Does the API provide limits, filters and the list of fields to return ?
Advice

Data processing

Does regulated data (personal, health, financial) comply with the recommendations for structuring these categories of data ?