[Vtigercrm-developers] Security

IT-Solutions4You info at its4you.sk
Mon May 21 11:37:17 GMT 2018


The question is: what is "appropriate security" and which personal data 
you are processing: presonal data or special categories of personal data.

Yes, vtiger should improve security, but in my opinion, this has nothing 
to do with GDPR. Maybe if you store personal data relevant to Article 9 
- Processing of special categories of personal data.
http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679

All from us should have internal documet defined in Article 35 -
Data protection impact assessment. In this document you will have all 
task what to do. It's really depned on personal data you store in your 
system. But if you process large scale of special categories of data 
pursuant to Article 9, then you need Data protection officer and this 
person know what to do.


Matus
ITS4You

Dňa 19. 5. 2018 o 17:31 Holbok István napísal(a):
> Hi VTiger fans,
> 
> How will be GDPR compatible vTiger CRM with mentioned below security holes?
> 
> Here is the short description of GDPR
> https://tresorit.com/gdpr/gdpr-requirements
> 
> One of the most important principles and requirements of the GDPR is 
> security:
> 
> "*Confidentiality and integrity*: personal data should be processed in a 
> manner that ensures appropriate security, including protection against 
> unauthorized or unlawful processing and accidental loss, destruction or 
> damage, using appropriate technical or organizational measures."
> 
> Without proper security, this genius CRM system will not be applicable 
> related to the European Union member states.
> 
> Regards:
> Istvan Holbok
> 
> 
> 2018. 05. 19. 15:55 keltezéssel, Błażej Pabiszczak írta:
>>
>> Prasad,
>>
>>  1. https://unsecure.blog/en/121-enumeration-of-users-in-popular-crm-systems.html
>>
>>  2. https://unsecure.blog/en/122-dozens-of-security-bugs-in-popular-crm-systems.html
>>
>>
>> ---
>>
>> Z poważaniem / Regards
>>
>> *Błażej Pabiszczak*
>> M: +48.884999123
>> E: b.pabiszczak at yetiforce.com 
>> <mailto:b.pabiszczak at yetiforce.com>
>>
>>
>>> -------- Wiadomość oryginalna --------
>>>
>>> Temat: 	Re: [Vtigercrm-developers] Storing passwords in MD5
>>> Data: 	2018-04-19 05:56
>>> Od: 	Prasad <prasad at vtiger.com>
>>> Do: 
>>> "vtigercrm-developers at lists.vtigercrm.com" 
>>> <vtigercrm-developers at lists.vtigercrm.com>
>>> Odpowiedź do: 
>>> vtigercrm-developers at lists.vtigercrm.com
>>>
>>>
>>> Blazej,
>>> This issue was tracked and resolved with recommendation (see 
>>> <http://code.vtiger.com/vtiger/vtigercrm/issues/965>)
>>> Do you have reference to the blogger - to keep them informed?
>>> I'm surprised the blogger hasn't allowed option to accept comment!
>>> Regards,
>>> Prasad
>>>
>>> --
>>> FB <http://www.facebook.com/vtiger> I Twit 
>>> <http://twitter.com/vtigercrm> I LIn 
>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog 
>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>
>>> On Thu, Apr 19, 2018 at 8:53 AM, Prasad 
>>> <prasad at vtiger.com 
>>> <mailto:prasad at vtiger.com>> wrote:
>>> Thank you for the update - we will review.
>>>
>>> --
>>> FB <http://www.facebook.com/vtiger> I Twit 
>>> <http://twitter.com/vtigercrm> I LIn 
>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog 
>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>
>>> On Thu, Apr 19, 2018 at 4:06 AM, Błażej Pabiszczak 
>>> <b.pabiszczak at yetiforce.com 
>>> <mailto:b.pabiszczak at yetiforce.com>> wrote:
>>>
>>> https://unsecure.blog/en/114-vtigercrm-storing-passwords-in-md5.html
>>>
>>> ---
>>>
>>> Z poważaniem / Regards
>>>
>>> *Błażej Pabiszczak*
>>> M: +48.884999123
>>> E: b.pabiszczak at yetiforce.com 
>>> <mailto:b.pabiszczak at yetiforce.com>
>>>
>>>
>>> _______________________________________________
>>> http://www.vtiger.com/
>>>
>>>
>>> _______________________________________________
>>> http://www.vtiger.com/
>>
>>
>> _______________________________________________
>> http://www.vtiger.com/
> 
> 
> 
> 
> _______________________________________________
> http://www.vtiger.com/
> 




More information about the vtigercrm-developers mailing list