Community

Esri Software Security & Privacy Blog - Page 4

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Latest Activity

(34 Posts)

Did you know ArcGIS Online is FedRAMP Compliant?

PeterBuwembo
by Esri Contributor
Esri Contributor
‎10-26-2018 11:25 AM

ArcGIS Online was granted a FedRAMP Tailored Low (Li-SaaS) Authority to Operate(ATO) which went into effect June 28th 2018. When a solution such as ArcGIS Online is authorized, specific applications, services, and providers are assessed as part of the effort.  The security controls for this authorization align with National Institute of Standards and Technology (NIST) Special Publication 800-53 (Revision 4) which maps to International Standards Organization (ISO) 27001 & 15408 controls.

more
0 0 909

Portal for ArcGIS Security 2018 Update 2 Patches for ArcGIS Enterprise 10.3.1 are available

RandallWilliams
by Esri Regular Contributor
Esri Regular Contributor
‎10-03-2018 07:30 AM

The Portal for ArcGIS Security 2018 Update 2 Patch has been released for Portal for ArcGIS 10.3.1.

ArcGIS Enterprise Administrators should consider installing this patch as high priority, as it addresses an incorrect proxy access control vulnerability, among others.

Security patches are released for the last minor release in a series of ArcGIS products that are still in mainstream support.

All versions of this patch are available here:

Portal for ArcGIS Security 2018 Update 2 Patch

Users can also run the ArcGIS Patch Notification tool to check for, download, and install patches.

Check for and install software patches and updates—ArcGIS Server (Windows) Installation Guide (10.5)... 

more
0 0 555

Esri Secure Development Lifecycle Overview Released

RandallWilliams
by Esri Regular Contributor
Esri Regular Contributor
‎10-02-2018 12:06 PM

In today’s cybersecurity landscape, ensuring the products and services you receive from a software company have security and privacy considerations built-in is paramount.  Today, we are publicly releasing an overview of the assurance measures we incorporate, including governance, standards alignment, assessments/tools, vulnerability/incident management, and guidelines utilized.

We have also updated the Trust Center to have its own domain, so that users are no longer directed to .doc.arcgis.com pages as part of the main site and we have updated the Documents section descriptions to more easily identify what content is best for you (including the SDLC overview document titled “Esri Software Security and Privacy”).

We welcome your feedback on this overview, so feel free to reach out to our team – Esri’s Software Security & Privacy team –SoftwareSecurity@Esri.com

Reference:
Esri Software Security & Privacy (SDLC Overview) –https://downloads.esri.com/RESOURCES/ENTERPRISEGIS/Esri_SDLC.pdf 

more
0 0 405

ArcGIS SSL/TLS Guidance Briefing has been updated

RandallWilliams
by Esri Regular Contributor
Esri Regular Contributor
‎10-02-2018 12:04 PM

The ArcGIS SSL/TLS Guidance Briefing has been updated. Updates include specific guidance for ArcGIS Client software, insight into TLS plans for ArcGIS Online, and details regarding ArcGIS Enterprise components.

Browse to the ArcGIS Trust Center document repository to review this document and all of our other helpful resources!

more
0 0 481
118 Subscribers
Popular Articles

ArcGIS Online TLS Changes: Alternative Testing Methods

RandallWilliams
RandallWilliams Esri Regular Contributor
9 Kudos
3 Comments

Coronavirus Downloadable Malware Map App Clarification

RandallWilliams
RandallWilliams Esri Regular Contributor
7 Kudos
0 Comments

Building Trust within Your Environment Using SSL Certificates

BrendanBladdickEsri
BrendanBladdickEsri Esri Contributor
6 Kudos
0 Comments