Freephile Wiki

Security: Difference between revisions

Browse history interactively
← Older editNewer edit →
VisualWikitext
update links
add security frameworks
Line 11: Line 11:




== free software that secures your communication ==
==free software that secures your communication==


[https://www.torproject.org/ The Onion Router] (TOR) project https://www.torproject.org/ is the best known provider of security for your personal communications.
[https://www.torproject.org/ The Onion Router] (TOR) project https://www.torproject.org/ is the best known provider of security for your personal communications.
Line 19: Line 19:
https://signal.org/ offers tools that integrate with your iPhone or Android phone and desktop.
https://signal.org/ offers tools that integrate with your iPhone or Android phone and desktop.


== Resources ==
<br />
# [https://github.com/lfit/itpol Linux Foundation IT Policy]
 
# https://wiki.mozilla.org/Security
== Security Frameworks ==
# https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices
 
 
14 Security Frameworks You Should Know
{| class="wikitable"
!Framework
|Purpose
|Best Suited For
|Certification
|Certification Method
|Audit Duration
|Audit Frequency
|-
!SOC 2
|Manage customer data
|Companies and their third-party partners
|N/A
|Authorized CPA firms
|6-month period
|Every year
|-
!ISO 27001
|Build and maintain an information security management system (ISMS)
|Any company handling sensitive data
|Yes
|Accredited third-party
|1 week-1 month
|Every year
|-
!NIST Cybersecurity Framework
|Comprehensive and personalized security weakness identification
|Anyone
|N/A
|Self
|N/A
|N/A
|-
!HIPAA
|Protect patient health information
|The healthcare sector
|Yes
|The Department of Health and Human Services (third-party)
|12 weeks
|6 per year
|-
!PCI DSS
|Keep card owner information safe
|Any company handling credit card information
|Yes
|PCI Qualified Security Assessor (third-party)
|18 weeks
|Every year
|-
!GDPR
|Protect the data of people in the EU
|All businesses that collect the data of EU citizens
|Yes
|Third-party
|About 30 days
|Depends on preference
|-
!HITRUST CSF
|Enhance security for healthcare organizations and technology vendors
|The healthcare sector / Anyone
|Yes
|Third-party
|3-4 months
|Every year
|-
!COBIT
|Alignment of IT with business goals, security, risk management, and        information governance
|Publicly traded companies
|Yes
|ISACA (third-party)
|N/A
|N/A
|-
!NERC-CIP
|Keep North America’s bulk electric systems operational
|The utility and power sector
|Yes
|Third-party
|Up to 3 years
|Every 5 years
|-
!FISMA
|Protect the federal government’s assets
|The federal government and third parties operating on its behalf
|Yes
|The FISMA Center
|12 weeks
|Every year
|-
!NIST Special Publication 800-53
|Compliance with the Federal Information Processing Standards' (FIPS)        200 requirements and general security advice
|Government agencies
|N/A
|Self
|N/A
|N/A
|-
!NIST Special Publication 800-171
|Management of controlled unclassified information (CUI) to protect        federal information systems
|Contractors and subcontractors of federal agencies
|N/A
|Self
|N/A
|N/A
|-
!IAB CCPA
|Protecting California consumers’ data
|California businesses and advertising tech companies
|N/A
|Self
|N/A
|N/A
|-
!CIS Controls
|General protection against cyber threats
|Anyone
|Yes
|Third-party
|}
 
==Resources==
 
#[https://github.com/lfit/itpol Linux Foundation IT Policy]
#https://wiki.mozilla.org/Security
#https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices
#https://secureframe.com/blog/security-frameworks


[[Category:Security]]
[[Category:Security]]
Retrieved from "https://wiki.freephile.org/wiki/Security"