Changes

[https://www.torproject.org/ The Onion Router] (TOR) project https://www.torproject.org/ is the best known provider of security for ==free software that secures your personal communications.communication==

There are others too... like [https://ringwww.torproject.cx Ringorg/ The Onion Router] which may be slightly different but provide free software that secures your communications. (TOR) project https://whispersystemswww.torproject.org/ offers tools that integrate with is the best known provider of security for your iPhone or Android phone personal communications. TOR acts as an anonymizing layer between you and desktopALL Internet traffic.

For secure "messaging" there is [https://jami.net Jami]. Jami is a complete communication platform made by [https://savoirfairelinux.com/en Savoir Faire Linux]. Jami is available for all operating systems and devices. Jami offers * Instant messaging* Audio and video calls* Swarms (group chats)* Video-conferences and Rendezvous points with no third-party hosting* Audio and video message recording* Screen sharing and media streaming* Built-in plugin platform for new features and experiences* Jami can also function as a SIP client Another popular platform for secure messaging is the '''Signal''' app. https://signal.org/ == Security Frameworks ==  14 Security Frameworks You Should Know <ref>https://secureframe.com/blog/security-frameworks</ref>{| class="wikitable"!Framework!Purpose!Best Suited For!Certification!Certification Method!Audit Duration!Audit Frequency|-!SOC 2|Manage customer data|Companies and their third-party partners|N/A|Authorized CPA firms|6-month period|Every year|-!ISO 27001|Build and maintain an information security management system (ISMS)|Any company handling sensitive data|Yes|Accredited third-party|1 week-1 month|Every year|-!NIST Cybersecurity Framework|Comprehensive and personalized security weakness identification|Anyone|N/A|Self|N/A|N/A|-!HIPAA|Protect patient health information|The healthcare sector|Yes|The Department of Health and Human Services (third-party)|12 weeks|6 per year|-!PCI DSS|Keep card owner information safe|Any company handling credit card information|Yes|PCI Qualified Security Assessor (third-party)|18 weeks|Every year|-!GDPR|Protect the data of people in the EU|All businesses that collect the data of EU citizens|Yes|Third-party|About 30 days|Depends on preference|-!HITRUST CSF|Enhance security for healthcare organizations and technology vendors|The healthcare sector / Anyone|Yes|Third-party|3-4 months|Every year|-!COBIT|Alignment of IT with business goals, security, risk management, and information governance|Publicly traded companies|Yes|ISACA (third-party)|N/A|N/A|-!NERC-CIP|Keep North America’s bulk electric systems operational|The utility and power sector|Yes|Third-party|Up to 3 years|Every 5 years|-!FISMA|Protect the federal government’s assets|The federal government and third parties operating on its behalf|Yes|The FISMA Center|12 weeks|Every year|-!NIST Special Publication 800-53|Compliance with the Federal Information Processing Standards' (FIPS) 200 requirements and general security advice|Government agencies|N/A|Self|N/A|N/A|-!NIST Special Publication 800-171|Management of controlled unclassified information (CUI) to protect federal information systems|Contractors and subcontractors of federal agencies|N/A|Self|N/A|N/A|-!IAB CCPA|Protecting California consumers’ data|California businesses and advertising tech companies|N/A|Self|N/A|N/A|-!CIS Controls|General protection against cyber threats|Anyone|Yes|Third-party|} == Resources == # [https://github.com/lfit/itpol Linux Foundation IT Policy]# https://wiki.mozilla.org/Security# https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices#https://secureframe.com/blog/security-frameworks# [https://www.brighttalk.com/webcast/6793/591276 How Ubuntu enables your compliance with FedRAMP, FISMA, FIPS, and DISA-STIG] This 50 minute video from Canonical can provide insight as to how an Enterprise MediaWiki solution can address the concerns related to these frameworks.{{References}}