{{#set:feature title = {{PAGENAME}} }}
{{#set:feature description = Using SSL and TLS Deployment Best Practices, QualityBox gets an A+ rating for security. }}
{{#set:feature notes = Certificates provided by the [[Certbot|Let's Encrypt project]] }}
{{#set:feature tests = [https://www.ssllabs.com/ssltest/analyze.html?d={{SERVERNAME}} Test on SSL Labs.com] }}
{{#set:feature examples = See [[:File:Certificate grade.png]] }}

==Free software that secures your communication==

[https://www.torproject.org/ The Onion Router] (TOR) project is the best known provider of security for your personal communications. TOR acts as an anonymizing layer between you and ALL Internet traffic.

For secure "messaging" there is [https://jami.net Jami]. Jami is a complete communication platform made by [https://savoirfairelinux.com/en Savoir Faire Linux]. Jami is available for all operating systems and devices. Jami offers:
* Instant messaging
* Audio and video calls
* Swarms (group chats)
* Video-conferences and Rendezvous points with no third-party hosting
* Audio and video message recording
* Screen sharing and media streaming
* Built-in plugin platform for new features and experiences
* Jami can also function as a SIP client

Another popular platform for secure messaging is the '''Signal''' app. https://signal.org/

== Security Frameworks ==

14 Security Frameworks You Should Know <ref>https://secureframe.com/blog/security-frameworks</ref>

{| class="wikitable"
!Framework
!Purpose
!Best Suited For
!Certification
!Certification Method
!Audit Duration
!Audit Frequency
|-
!SOC 2
|Manage customer data
|Companies and their third-party partners
|N/A
|Authorized CPA firms
|6-month period
|Every year
|-
!ISO 27001
|Build and maintain an information security management system (ISMS)
|Any company handling sensitive data
|Yes
|Accredited third-party
|1 week-1 month
|Every year
|-
!NIST Cybersecurity Framework
|Comprehensive and personalized security weakness identification
|Anyone
|N/A
|Self
|N/A
|N/A
|-
!HIPAA
|Protect patient health information
|The healthcare sector
|Yes
|The Department of Health and Human Services (third-party)
|12 weeks
|6 per year
|-
!PCI DSS
|Keep card owner information safe
|Any company handling credit card information
|Yes
|PCI Qualified Security Assessor (third-party)
|18 weeks
|Every year
|-
!GDPR
|Protect the data of people in the EU
|All businesses that collect the data of EU citizens
|Yes
|Third-party
|About 30 days
|Depends on preference
|-
!HITRUST CSF
|Enhance security for healthcare organizations and technology vendors
|The healthcare sector / Anyone
|Yes
|Third-party
|3-4 months
|Every year
|-
!COBIT
|Alignment of IT with business goals, security, risk management, and information governance
|Publicly traded companies
|Yes
|ISACA (third-party)
|N/A
|N/A
|-
!NERC-CIP
|Keep North America’s bulk electric systems operational
|The utility and power sector
|Yes
|Third-party
|Up to 3 years
|Every 5 years
|-
!FISMA
|Protect the federal government’s assets
|The federal government and third parties operating on its behalf
|Yes
|The FISMA Center
|12 weeks
|Every year
|-
!NIST Special Publication 800-53
|Compliance with the Federal Information Processing Standards' (FIPS) 200 requirements and general security advice
|Government agencies
|N/A
|Self
|N/A
|N/A
|-
!NIST Special Publication 800-171
|Management of controlled unclassified information (CUI) to protect federal information systems
|Contractors and subcontractors of federal agencies
|N/A
|Self
|N/A
|N/A
|-
!IAB CCPA
|Protecting California consumers’ data
|California businesses and advertising tech companies
|N/A
|Self
|N/A
|N/A
|-
!CIS Controls
|General protection against cyber threats
|Anyone
|Yes
|Third-party
|}

==Resources==
#[https://github.com/lfit/itpol Linux Foundation IT Policy]
#https://wiki.mozilla.org/Security
#https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices
#https://secureframe.com/blog/security-frameworks
#[https://www.brighttalk.com/webcast/6793/591276 How Ubuntu enables your compliance with FedRAMP, FISMA, FIPS, and DISA-STIG] This 50-minute video from Canonical can provide insight into how an Enterprise MediaWiki solution can address the concerns related to these frameworks.

{{References}}

[[Category:Security]]
[[Category:Frameworks]]