Hi all,
Fred King's email about using Koha in a Protected Health network reminded me of a question I wanted to pose around the world. Has anyone commissioned an external independent security audit of Koha? That is to say, a security audit from someone other than a Koha support vendor? If so, would they be willing to share the results with other Koha libraries? For instance, in Fred's case, he could refer his IT department to those results, so they could use it in their risk management analysis. (Of course, I think it would be important to note that security depends a lot on the implementation itself, the version of the Koha software, and so on. So one security audit report would not cover all implementations world-wide, but it could be a useful starting point.) I know that I've had IT departments interested in these third-party external independent security audits, so I imagine this is actually a common request that a lot of Koha users around the world are probably facing. David Cook Systems Librarian Prosentient Systems 72/330 Wattle St Ultimo, NSW 2007 Australia Office: 02 9212 0899 Direct: 02 8005 0595
signature.asc
Description: PGP signature
_______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz https://lists.katipo.co.nz/mailman/listinfo/koha