Changes

2,434 bytes added, 14:54, 25 August 2023
add security frameworks
== Free software that secures your communication ==
[https://www.torproject.org/ The Onion Router] (Tor) project is the best-known provider of security for your personal communications.
[https://signal.org/ Signal] offers tools that integrate with your iPhone or Android phone and desktop.

== Security Frameworks ==

14 Security Frameworks You Should Know

{| class="wikitable"
!Framework
!Purpose
!Best Suited For
!Certification
!Certification Method
!Audit Duration
!Audit Frequency
|-
!SOC 2
|Manage customer data
|Companies and their third-party partners
|N/A
|Authorized CPA firms
|6-month period
|Every year
|-
!ISO 27001
|Build and maintain an information security management system (ISMS)
|Any company handling sensitive data
|Yes
|Accredited third-party
|1 week-1 month
|Every year
|-
!NIST Cybersecurity Framework
|Comprehensive and personalized security weakness identification
|Anyone
|N/A
|Self
|N/A
|N/A
|-
!HIPAA
|Protect patient health information
|The healthcare sector
|Yes
|The Department of Health and Human Services (third-party)
|12 weeks
|6 per year
|-
!PCI DSS
|Keep card owner information safe
|Any company handling credit card information
|Yes
|PCI Qualified Security Assessor (third-party)
|18 weeks
|Every year
|-
!GDPR
|Protect the data of people in the EU
|All businesses that collect the data of EU citizens
|Yes
|Third-party
|About 30 days
|Depends on preference
|-
!HITRUST CSF
|Enhance security for healthcare organizations and technology vendors
|The healthcare sector / Anyone
|Yes
|Third-party
|3-4 months
|Every year
|-
!COBIT
|Alignment of IT with business goals, security, risk management, and information governance
|Publicly traded companies
|Yes
|ISACA (third-party)
|N/A
|N/A
|-
!NERC-CIP
|Keep North America’s bulk electric systems operational
|The utility and power sector
|Yes
|Third-party
|Up to 3 years
|Every 5 years
|-
!FISMA
|Protect the federal government’s assets
|The federal government and third parties operating on its behalf
|Yes
|The FISMA Center
|12 weeks
|Every year
|-
!NIST Special Publication 800-53
|Compliance with the Federal Information Processing Standards' (FIPS) 200 requirements and general security advice
|Government agencies
|N/A
|Self
|N/A
|N/A
|-
!NIST Special Publication 800-171
|Management of controlled unclassified information (CUI) to protect federal information systems
|Contractors and subcontractors of federal agencies
|N/A
|Self
|N/A
|N/A
|-
!IAB CCPA
|Protecting California consumers’ data
|California businesses and advertising tech companies
|N/A
|Self
|N/A
|N/A
|-
!CIS Controls
|General protection against cyber threats
|Anyone
|Yes
|Third-party
|}

== Resources ==

# [https://github.com/lfit/itpol Linux Foundation IT Policy]
# https://wiki.mozilla.org/Security
# https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices
# https://secureframe.com/blog/security-frameworks
[[Category:Security]]