Skip to main content

Featured

Inadequate Password Complexity Policies

Some online services have lenient password complexity policies, allowing users to create weak passwords easily. This poses a security risk: Reduced Security: Weak password complexity policies make it easier for attackers to guess passwords or use dictionary attacks. False Sense of Security: Users may perceive their accounts as more secure than they actually are when allowed to create weak passwords. To overcome this challenge, organizations should enforce strong password complexity policies that require users to create passwords with a blend of upper and lower case cultivations, numbers, and special characters. Additionally, they can encourage the use of multi-factor validation (MFA) for an added layer of security. Lack of User Education Many users lack awareness of password security best practices, leading to suboptimal password choices: Weak Password Creation: Users may not understand the importance of strong passwords or how to create them. Limited Awareness of Risks:
Post a Comment
Read more

LSSI: infractions and sanctions

 The LSSI establishes in its title VII (arts. 37 to 45) a sanctioning regime in case of breach of its precepts to which information society service providers are subject.

"Failure to comply with the obligation to suspend transmission, data hosting, access to the network or the provision of any other equivalent intermediation service, when ordered by a competent administrative body, by virtue of the provisions of art. 11 ".

As serious offenses, the LSSI in its art. 38.3 establishes the following:

1.            The significant breach of the provisions of paragraphs a) and f) of art. 10.1of the LSSI. That is, the breach of the general information duties of the information society service provider to allow access to the name or company name; your residence or domicile or, failing that, the address of one of your permanent establishments in Spain; your email address and any other data that allows you to establish direct and effective communication with him. As well as the breach, when applicable, of the duty to provide clear and exact information on the price of the product or service, the applicable taxes and, on the shipping costs or, where appropriate, what the regulations of the Communities provide. Autonomous with competences in the matter.

2.            The massive sending of commercial communications by email or other equivalent electronic means of communication, or their insistent or systematic sending to the same recipient of the service when the requirements established in 21 are not met in said shipments . The significant breach of the obligation of the service provider established in art. 22.1 of the LSSI, in relation to the procedures to revoke the consent given by the recipients.

3.            Not making available to the recipient of the service the general conditions to which, where appropriate, the contract is subject, in the manner provided in 27 of the LSSI.

4.            The habitual breach of the obligation to confirm the receipt of an acceptance, when its exclusion has not been agreed or the contract has been concluded with a consumer.

5.            The resistance, excuse or refusal to the inspection action of the bodies empowered to carry it out in accordance with this law.

6.            The significant breach of what is established in 10.3 of the LSSI, on the information obligations related to additional rate services in which access to information society services is allowed.

7.            Recurrence within three years of the commission of the minor infringement related to data storage and recovery devices in terminal equipment. According to the 37 of the LSSI, the publisher of the website and the advertising network or agent that directly manages the placement of advertisements on the website will be responsible for this infringement, provided that the latter has not taken measures to demand compliance with the normative.

They are considered minor offenses in accordance with art. 38.4 of the LSSI:

1.            Failure to comply with the provisions of 12 bis of the LSSI for service providers that carry out activities consisting of the provision of internet access services.

2.            Failure to report in the manner prescribed by 10.1 of the LSSI on the aspects indicated therein, in the case of paragraphs a) and f) , will be a minor offense when it does not constitute a serious offense.

3.            Failure to comply with the provisions of 20 of the LSSI for commercial communications, promotional offers and contests.

 technologyies  techiescity  themarketingpilot   technologywebdesign   technologytimesnow

Popular Posts