Administration

Major Updates of Esri Product Security Materials

ArcGIS Mobile Security Paper
Security is about continuous improvement, which also applies to the materials we post to the ArcGIS Trust Center for customer assurance.  As our product licensing models have evolved as well as security best practices, we’ve performed a significant update of the ArcGIS Secure Mobile Implementation Patterns whitepaper.  We’ve provided more context on our field operations product story, incorporated new mobile apps, expanded information concerning mobile device management, and updated our portal membership and ArcGIS user types – among other items.

ArcGIS Online Security Advisor Tool
The paper was released today and I was already asked a bonus question, “Are there any security drawbacks to utilizing Social login accounts?”  Since this question goes beyond just mobile, we will be adding that answer to the ArcGIS Online Security Advisor tool guidance.  If you have not tried out the tool recently (or ever), you should check it out to help expedite eliminating HTTP links within ArcGIS Online organizations – You can now easily discover HTTP link locations within ArcGIS Online and jump to them so you can quickly fix them (use HTTPS).  Just click on the new HTTP Check option.

ArcGIS Online Cloud Security Alliance Answers
Last month we also switched from posting the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) answers for ArcGIS Online to the more extensive CSA Consensus Assessments Initiative Questionnaire (CAIQ).  Why does this matter? For one, it reflects our latest ArcGIS Online security and privacy improvements.  Secondly, it expanded from the 133 questions in the CCM to the now 295 questions of the CAIQ – meaning you now have more granular answers available to you about the security assurance behind ArcGIS Online.  The latest CAIQ for ArcGIS Online is readily available within the ArcGIS Trust Center documents section.

ArcGIS Location Tracking Privacy Paper
Up next, our team’s first whitepaper addressing geospatial privacy, called the “ArcGIS Location Tracking Privacy Best Practices” whitepaper.  The paper is undergoing internal review now, so we hope to release it in time for when the new California Consumer Privacy Act (CCPA) becomes operative January 2020.  If you have extensive Privacy experience already and would like a sneak peek to provide us feedback on, please reach out to us  at SoftwareSecurity@esri.com .

 

– Esri Software Security & Privacy Team

Next Article

Adding content to your Sites and Initiatives just got easier

Read this article