R062. Define standard configurations
The organization must define standard configurations that correct all known vulnerabilities. These configurations must also be consistent with industry standards.
System configuration is essential when it comes to security issues. The system must follow the industry’s standard configurations that prevent all known vulnerabilities. These settings also contribute to ensuring the ongoing confidentiality, integrity, availability and resilience of systems and services.
GDPR. Art. 32: Security of processing.(1)(b). The controller and the processor shall implement appropriate technical and organizational measures to ensure an appropriate level of security, including the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.