{"id":14420,"date":"2026-05-04T11:46:01","date_gmt":"2026-05-04T09:46:01","guid":{"rendered":"https:\/\/www.inprosec.com\/?p=14420"},"modified":"2026-05-04T11:46:01","modified_gmt":"2026-05-04T09:46:01","slug":"two-factor-authentication-and-data-protection-in-the-workplace","status":"publish","type":"post","link":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/","title":{"rendered":"Two-Factor Authentication and Data Protection in the Workplace"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">As cyber threats become more sophisticated, companies are under growing pressure to reinforce access controls across their systems and applications. In that context, two-factor authentication, or 2FA, has become one of the most effective and widely adopted security measures.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Passwords alone are no longer enough in many environments. Credential theft, unauthorized access, and phishing attacks have made it essential to add extra layers of verification to make sure that the person logging into a corporate account is genuinely who they say they are.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">From a security standpoint, 2FA fits neatly within the controller\u2019s obligation to implement appropriate technical and organizational measures, ensuring a level of security proportionate to the risk, as required under Article 32 of the GDPR. It also reflects the principle of accountability in Article 5(2) and the duty to build in privacy and security by design and by default, as set out in Article 25.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In some sectors and environments, that expectation is even stronger. Under frameworks such as NIS2, two-factor authentication is specifically recognised as part of cybersecurity risk management.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There is little room for debate on the value of 2FA itself. The real question is not whether to use it, but how to roll it out in a way that is legally sound and operationally fair.<\/span><\/p>\n\n<h2><b>When the personal phone becomes a work tool<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">A still common approach in many organisations is to require employees to use their personal mobile phones to receive verification codes or install authentication apps for access to corporate tools.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">At first glance, this looks like a convenient solution. It is inexpensive, easy to deploy, and it seems to shift very little burden onto the company. But from a data protection perspective, that convenience can be deceptive.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In an employment relationship, the balance of power is not equal. The employer directs and organises the work, while the employee operates within that framework. That imbalance is precisely why asking someone to use a personal device for work purposes deserves close scrutiny.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Once the personal phone becomes a required tool for accessing work systems, it is no longer just a private device. It becomes part of the work setup. And that changes the legal and practical analysis.<\/span><\/p>\n<h2><b>Why consent is not always enough<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In data protection law, consent must be freely given, specific, informed, and unambiguous. That standard is hard to meet in an employment context when the employee has little real choice.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If access to work tools depends on using a personal mobile phone, it is difficult to argue that consent is truly voluntary if no genuine alternative is offered. A theoretical option is not the same as a real one.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That is why this kind of arrangement has to be assessed case by case. The company should look at the purpose of the measure, the information provided to employees, the legal basis relied upon, the proportionality of the solution, and whether practical alternatives exist.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In this setting, the key GDPR principles come into sharp focus: lawfulness, fairness and transparency, purpose limitation, data minimisation, and accountability. The legal basis must be carefully considered, rather than defaulting automatically to consent simply because it seems convenient.<\/span><\/p>\n<h2><b>The company should provide the means<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">This is not only a data protection issue. It also goes to the heart of the employment relationship.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If the company decides that a security measure is necessary to protect its systems, it is only reasonable that it also provides the means to implement that measure. Otherwise, the burden is shifted onto the employee, who is being asked to contribute a personal resource to support a business requirement.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That does not sit comfortably with the logic of employment law, where the worker provides services within the employer\u2019s organisational structure, rather than supplying the means of work themselves.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The Spanish legal framework also recognises digital rights in the workplace, including the right to privacy when using digital devices at work. While that provision is mainly aimed at employer access to company-issued devices, it reflects a broader principle: technology in the workplace must still respect privacy and data protection boundaries.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For this reason, making the personal phone the only route to 2FA can become problematic where no proportionate alternative is available. In cases like this, specialist\u00a0<\/span><a href=\"https:\/\/www.inprosec.com\/en\/services\/information-security\/privacy\/\"><span style=\"font-weight: 400;\">Privacy<\/span><\/a><span style=\"font-weight: 400;\">\u00a0support can be especially useful.<\/span><\/p>\n<h2><b>What the AEPD has looked at<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The Spanish Data Protection Agency has treated these situations with caution, particularly where employees\u2019 personal devices are used for clearly work-related purposes.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One relevant example is Resolution PS\/00456\/2025, in case EXP202406971, which concerned the use of employees\u2019 personal mobile phones as a two-factor authentication mechanism in the workplace. According to the available information, the AEPD found an infringement and imposed an initial fine of EUR 80,000, later reduced to EUR 48,000 after acknowledgement of responsibility and voluntary payment.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The broader message is clear: 2FA may well be appropriate, but it should not be deployed in a way that shifts organisational responsibilities onto workers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">That said, the issue should not be overstated. It would be wrong to say that any use of an authentication app on a personal device is automatically unlawful.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In case AI-00074-2024, for example, the AEPD examined a situation involving authentication and remote access within the Administration of Justice, taking into account the requirement for two-factor authentication under the ENS for access from uncontrolled environments, such as internet access or remote working.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">So the problem is not 2FA itself. The real issue is the specific way it is implemented.<\/span><\/p>\n<h2><b>Better alternatives to consider<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Before requiring employees to use their personal phones, companies should consider less intrusive solutions that fit better with the employment relationship.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">These may include corporate phones, physical tokens, security keys, authentication tools tied to company-managed devices, or similar solutions that do not rely on the employee\u2019s private device.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This assessment should also be documented. Under Article 5(2) of the GDPR, the controller must be able to demonstrate compliance with the data protection principles. Article 24 adds that appropriate technical and organisational measures must be chosen in light of the nature, scope, context, and purposes of the processing.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For that reason, reviewing these measures through a dedicated\u00a0<\/span><a href=\"https:\/\/www.inprosec.com\/en\/services\/information-security\/privacy\/\"><span style=\"font-weight: 400;\">Privacy<\/span><\/a><span style=\"font-weight: 400;\">\u00a0service can help ensure that security, compliance, and internal policy are properly aligned.<\/span><\/p>\n<h2><b>Security and compliance need to move together<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">2FA is a sensible and often necessary security measure. But if it is poorly implemented, it can create a compliance problem of its own.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Protecting corporate systems is a legitimate goal. The challenge is to do so without unnecessarily intruding into the employee\u2019s private sphere or forcing them to use personal resources for business purposes.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Information security should not be built by passing organisational costs or obligations on to workers. The company must protect its systems, but it must do so in a proportionate way and with due respect for employees\u2019 rights.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If your organisation is reviewing its authentication model, access policies, or data protection compliance, Inprosec\u2019s\u00a0<\/span><a href=\"https:\/\/www.inprosec.com\/en\/services\/information-security\/privacy\/\"><span style=\"font-weight: 400;\">Privacy<\/span><\/a><span style=\"font-weight: 400;\">\u00a0service can help assess the situation and design an appropriate approach.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As cyber threats become more sophisticated, companies are under growing pressure to reinforce access controls across their systems and applications. In that context, two-factor authentication, or 2FA, has become one of the most effective and widely adopted security measures. Passwords alone are no longer enough in many environments. Credential theft, unauthorized access, and phishing attacks&#8230;<\/p>\n","protected":false},"author":6,"featured_media":14424,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[97,52],"tags":[],"class_list":["post-14420","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-information-security","category-technical-article"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.3 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Two-Factor Authentication and Data Protection in the Workplace - Inprosec<\/title>\n<meta name=\"description\" content=\"2FA protects your systems, but requiring employees to use their personal mobile devices may breach GDPR. We explain how to implement it correctly.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Two-Factor Authentication and Data Protection in the Workplace\" \/>\n<meta property=\"og:description\" content=\"2FA protects your systems, but requiring employees to use their personal mobile devices may breach GDPR. We explain how to implement it correctly.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/\" \/>\n<meta property=\"og:site_name\" content=\"Inprosec\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-04T09:46:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.inprosec.com\/wp-content\/uploads\/2026\/05\/2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Fernando Mosquera\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Fernando Mosquera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/\"},\"author\":{\"name\":\"Fernando Mosquera\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"headline\":\"Two-Factor Authentication and Data Protection in the Workplace\",\"datePublished\":\"2026-05-04T09:46:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/\"},\"wordCount\":1163,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/2.jpg\",\"articleSection\":[\"Information Security\",\"Technical Article\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/\",\"name\":\"Two-Factor Authentication and Data Protection in the Workplace - Inprosec\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/2.jpg\",\"datePublished\":\"2026-05-04T09:46:01+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\"},\"description\":\"2FA protects your systems, but requiring employees to use their personal mobile devices may breach GDPR. We explain how to implement it correctly.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/2.jpg\",\"contentUrl\":\"https:\\\/\\\/www.inprosec.com\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/2.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/two-factor-authentication-and-data-protection-in-the-workplace\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Two-Factor Authentication and Data Protection in the Workplace\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/\",\"name\":\"Inprosec\",\"description\":\"Information security is our priority.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.inprosec.com\\\/en\\\/#\\\/schema\\\/person\\\/b05a40c0c3e81b819075dd95a10532e2\",\"name\":\"Fernando Mosquera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g\",\"caption\":\"Fernando Mosquera\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Two-Factor Authentication and Data Protection in the Workplace - Inprosec","description":"2FA protects your systems, but requiring employees to use their personal mobile devices may breach GDPR. We explain how to implement it correctly.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/","og_locale":"en_US","og_type":"article","og_title":"Two-Factor Authentication and Data Protection in the Workplace","og_description":"2FA protects your systems, but requiring employees to use their personal mobile devices may breach GDPR. We explain how to implement it correctly.","og_url":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/","og_site_name":"Inprosec","article_published_time":"2026-05-04T09:46:01+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2026\/05\/2.jpg","type":"image\/jpeg"}],"author":"Fernando Mosquera","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Fernando Mosquera","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#article","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/"},"author":{"name":"Fernando Mosquera","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"headline":"Two-Factor Authentication and Data Protection in the Workplace","datePublished":"2026-05-04T09:46:01+00:00","mainEntityOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/"},"wordCount":1163,"commentCount":0,"image":{"@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2026\/05\/2.jpg","articleSection":["Information Security","Technical Article"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/","url":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/","name":"Two-Factor Authentication and Data Protection in the Workplace - Inprosec","isPartOf":{"@id":"https:\/\/www.inprosec.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#primaryimage"},"image":{"@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#primaryimage"},"thumbnailUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2026\/05\/2.jpg","datePublished":"2026-05-04T09:46:01+00:00","author":{"@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2"},"description":"2FA protects your systems, but requiring employees to use their personal mobile devices may breach GDPR. We explain how to implement it correctly.","breadcrumb":{"@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#primaryimage","url":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2026\/05\/2.jpg","contentUrl":"https:\/\/www.inprosec.com\/wp-content\/uploads\/2026\/05\/2.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/www.inprosec.com\/en\/two-factor-authentication-and-data-protection-in-the-workplace\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.inprosec.com\/en\/"},{"@type":"ListItem","position":2,"name":"Two-Factor Authentication and Data Protection in the Workplace"}]},{"@type":"WebSite","@id":"https:\/\/www.inprosec.com\/en\/#website","url":"https:\/\/www.inprosec.com\/en\/","name":"Inprosec","description":"Information security is our priority.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.inprosec.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.inprosec.com\/en\/#\/schema\/person\/b05a40c0c3e81b819075dd95a10532e2","name":"Fernando Mosquera","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/199e6c54b14f5b5ddf7e11a9bb0b455c3bed7a9a1a738b7be5c2572878e69d1a?s=96&d=mm&r=g","caption":"Fernando Mosquera"}}]}},"_links":{"self":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/14420","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/comments?post=14420"}],"version-history":[{"count":1,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/14420\/revisions"}],"predecessor-version":[{"id":14426,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/posts\/14420\/revisions\/14426"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media\/14424"}],"wp:attachment":[{"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/media?parent=14420"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/categories?post=14420"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.inprosec.com\/en\/wp-json\/wp\/v2\/tags?post=14420"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}