Data Masking: Any production data shared with support consultant (OFSS / OFSS partner / Third Party vendor) should only be shared in masked form. The vital & sensitive information such as Customer's personal details should be masked. Vendors should be indicated/ informed to delete the shared data once the incident is resolved.

Printing of Production data: Printing of production data should be avoided as much as possible and should be printed only when necessary. Printed version of production data should be kept only for required period and destroyed using standard mechanism to avoid it falling into wrong hands. Whenever customer statements are printed, the delivery should be concluded within stipulated period and should be securely stored until then.

Adopt Standard Data Protection Policies: Standard corporate policies like Clean Desk Policy help in strengthening the Data protection. Forming of data controller team to ensure sanity/ masking of data before it is handed over for any purpose.

Protected backup: The Backups and storages should ensure labeling and encryption wherever required. The media recycle policy can be adopted to ensure that old unwanted backup tapes/media are not misplaced.

Data Sharing: Ensure NOT TO share data on personal email ids. No part of data should be uploaded through non official web sites. Sharing data with third party vendor, partners, business teams should be done in protected and encrypted form by ensuring key customer data is masked.