Security Safeguards
Description
A Data Fiduciary must implement reasonable security safeguards to protect personal data.
⚠️ Risk Impact
DPDP requires 'reasonable' safeguards — practical implementation includes encryption, MFA, access control, audit logging.
🔍 How EchelonGraph Detects This
EchelonGraph's Tier 1 Cloud Scanner automatically checks for this condition across all connected cloud accounts. Violations are flagged as critical-severity findings with remediation guidance.
🔧 Remediation
Encrypt data at rest and in transit. Enforce universal MFA. Apply RBAC. Enable audit logs. Conduct an annual security review.
💀 Real-World Attack Scenario
An Indian fintech's customer DB was unencrypted and lacked MFA. The breach exposed 2.4M records. DPDP enforcement: ₹180 crore penalty for inadequate safeguards.
💰 Cost of Non-Compliance
Security violations: ₹100-₹250 crore.
📋 Audit Questions
- 1. Encryption at rest + transit?
- 2. MFA universal?
- 3. Annual security review evidence?
🎯 MITRE ATT&CK Mapping
⚡ Common Pitfalls
- ⛔ 'Reasonable' interpreted loosely
- ⛔ MFA partial
- ⛔ Annual review skipped
📈 Business Value
Strong safeguards prevent the largest DPDP penalty category.
⏱️ Effort Estimate
Annual program
EchelonGraph continuous compliance scoring
🔗 Cross-Framework References
Automate DPDP Act DPDP-6 compliance
EchelonGraph continuously monitors this control across all your cloud accounts.