[Koha] External Independent Security Audit of Koha
dcook at prosentient.com.au
dcook at prosentient.com.au
Thu Jan 30 12:33:53 NZDT 2020
Hi all,
Fred King's email about using Koha in a Protected Health network reminded me
of a question I wanted to pose around the world. Has anyone commissioned an
external independent security audit of Koha? That is to say, a security
audit from someone other than a Koha support vendor?
If so, would they be willing to share the results with other Koha libraries?
For instance, in Fred's case, he could refer his IT department to those
results, so they could use it in their risk management analysis. (Of course,
I think it would be important to note that security depends a lot on the
implementation itself, the version of the Koha software, and so on. So one
security audit report would not cover all implementations world-wide, but it
could be a useful starting point.)
I know that I've had IT departments interested in these third-party external
independent security audits, so I imagine this is actually a common request
that a lot of Koha users around the world are probably facing.
David Cook
Systems Librarian
Prosentient Systems
72/330 Wattle St
Ultimo, NSW 2007
Australia
Office: 02 9212 0899
Direct: 02 8005 0595
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 484 bytes
Desc: not available
URL: <https://lists.katipo.co.nz/pipermail/koha/attachments/20200130/c391078a/attachment.sig>
More information about the Koha
mailing list