Last month the Obama administration released a voluntary best practices framework to address the growing concerns surrounding increased cyber attacks on government, corporate and research institution networks. Last summer, Stanford University suffered a security breach, allegedly at the hands of a hacker by the moniker “Ag3nt47.”
The mission of Executive Order 13636 is to “enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.”
According to Rodney J. Petersen, senior policy adviser for SecuriCORE at Indiana University, the plan “includes a tiered approach by which organizations can assess the rigor of their risk-management practices and how they align with organizational priorities.”
Frameworks like Executive Order 13636 have been around for years. Educause has maintained, in partnership with the Internet2 Higher Education Information Security Council, a “Risk Management Framework” for years. Many other industry councils, like the International Organization for Standardization (ISO) have developed standards and best practices for information security.
Built upon a hardened, purpose-built operating system for security services, ProctorU’s server firewalls provide the highest level of security and have earned many industry accolades including ICSA Firewall and IPsec certification and Common Criteria EAL4 evaluation status. Additionally, ProctorU’s servers are in compliance with Payment Card Industry Data Security Standards (PCI/DSS), the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX); Gramm-Leach-Bliley Act (GLBA), Federal Information Security Management Act (FISMA) and the Statement for Standards for Attestation Engagements (SSAE) No 16 Type II Service Organization Control (SOC) 2.