Personal data protection in GDPR: integrity, confidentiality, and Actalis solutions
GDPR: a cornerstone in the protection of personal data Regulation (EU) 2016/679 (GDPR) establishes the foundations of personal data protection already in Article 5, which sets out the general principles of processing, including integrity and confidentiality, aimed at ensuring data security. In fact, Article 5(1)(f) explicitly states: “Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’).” This principle finds concrete application in Article 32, “security of processing”, which requires controllers, including Certification Authorities, and processors to implement technical and organizational measures appropriate to the risk, to ensure the confidentiality, integrity, availability, and resilience of the data being processed.
From HTTPS to machine trust: the rise of mTLS client certificates
In recent years, we have seen something interesting happen: the digital certificate, which many associated only with HTTPS, is becoming increasingly central in modern architectures. This is because it is undeniable that machines communicate more than humans do. And when they communicate with each other—via APIs, microservices, cloud integrations, or exchanges between trusted platforms—the question is no longer just “is the channel encrypted?”, but above all: who is making the call? what is its identity? This is where mutual TLS, or mTLS, comes into play. In “standard” TLS, the server presents its certificate, and the client trusts it (if everything checks out). With mTLS, an additional step is introduced: the client also authenticates itself using an X.509 certificate. So both parties prove their cryptographic identity. The result? We are no longer just protecting a communication—we are building a verifiable trust relationship.
Actalis SSL certificates for IP addresses: practical, compliant, ready to use
If your infrastructure doesn’t use DNS, an SSL certificate for an IP address can be the ideal way to enable HTTPS and verify server identity. Actalis now offers this capability as part of its Organisation Validated (OV) SSL certificate range.
NIS2: what changes for European companies and how to comply with encryption requirements
The NIS2 Directive (EU 2022/2555) was introduced to strengthen cybersecurity across the European Union. It establishes stricter security standards and clearer responsibilities for organisations in key sectors, requiring them to take proactive steps to prevent cyber incidents.
Cloud Security: why digital certificates are essential for protecting cloud applications
In today’s cloud-driven world, security is a top priority for businesses and institutions alike. Digital certificates and advanced encryption have become fundamental to protecting cloud-based applications and data