From Freephile Wiki
Revision as of 20:17, 29 August 2023 by Admin (talk | contribs) (expand the Jami paragraph)

Jump to navigation Jump to search
Security Dialog-information.svg
Lets Encrypt
Image shows: Lets Encrypt
Title: Security
Description: Using SSL and TLS Deployment Best Practices, QualityBox gets an A+ rating for security.
Notes: Certificates provided by the Let's Encrypt project
Test: Test on SSL
Example: See File:Certificate grade.png

free software that secures your communication[edit | edit source]

The Onion Router (TOR) project is the best known provider of security for your personal communications.

There are others too... like Jami Jami is a complete communication platform made by Savoir Faire Linux. Jami is available for all operating systems and devices and offers

  • Instant messaging
  • Audio and video calls
  • Swarms (group chats)
  • Video-conferences and Rendezvous points with no third-party hosting
  • Audio and video message recording
  • Screen sharing and media streaming
  • Built-in plugin platform for new features and experiences
  • Jami can also function as a SIP client

A popular platform for secure messaging is the Signal app.

Security Frameworks[edit | edit source]

14 Security Frameworks You Should Know [1]

Framework Purpose Best Suited For Certification Certification Method Audit Duration Audit Frequency
SOC 2 Manage customer data Companies and their third-party partners N/A Authorized CPA firms 6-month period Every year
ISO 27001 Build and maintain an information security management system (ISMS) Any company handling sensitive data Yes Accredited third-party 1 week-1 month Every year
NIST Cybersecurity Framework Comprehensive and personalized security weakness identification Anyone N/A Self N/A N/A
HIPAA Protect patient health information The healthcare sector Yes The Department of Health and Human Services (third-party) 12 weeks 6 per year
PCI DSS Keep card owner information safe Any company handling credit card information Yes PCI Qualified Security Assessor (third-party) 18 weeks Every year
GDPR Protect the data of people in the EU All businesses that collect the data of EU citizens Yes Third-party About 30 days Depends on preference
HITRUST CSF Enhance security for healthcare organizations and technology vendors The healthcare sector / Anyone Yes Third-party 3-4 months Every year
COBIT Alignment of IT with business goals, security, risk management, and information governance Publicly traded companies Yes ISACA (third-party) N/A N/A
NERC-CIP Keep North America’s bulk electric systems operational The utility and power sector Yes Third-party Up to 3 years Every 5 years
FISMA Protect the federal government’s assets The federal government and third parties operating on its behalf Yes The FISMA Center 12 weeks Every year
NIST Special Publication 800-53 Compliance with the Federal Information Processing Standards' (FIPS) 200 requirements and general security advice Government agencies N/A Self N/A N/A
NIST Special Publication 800-171 Management of controlled unclassified information (CUI) to protect federal information systems Contractors and subcontractors of federal agencies N/A Self N/A N/A
IAB CCPA Protecting California consumers’ data California businesses and advertising tech companies N/A Self N/A N/A
CIS Controls General protection against cyber threats Anyone Yes Third-party

Resources[edit | edit source]

  1. Linux Foundation IT Policy

References[edit source]