Security Environment. Hosting infrastructure and related services at the Hosting Center will be provided in a SOC 2 Type 2 audited data center. By September 1, 2020, the Hosting Center will be in a SOC 2 Type 2 audited and FedRAMP- certified data center. Groupware (directly and via its contracted hosting provider) will have access to the Site infrastructure, including physical devices and/or the operating system software, to perform Software functions and administration.
Security Environment. 6.1.3 IS Characteristics
Security Environment. Environment. Physical constraints – the physical access of the system cannot be limited which will cause more security risks due to the difficulty for validating the voters. Operational constraints – users may be operating the system on a variety of different platforms which will cause more risk if the system is developed with a single platform in mind. Computer constraints – limited computer resources may reduce the level of security in that developers are limited to developing the system with only the resources on hand. Network constraints – limited to the existing networks which may increase risk if the network is broken into.
Security Environment. Determine the environment of the system: 1) who are the actors in the system, what are their roles and responsibilities, and what policies are expected to govern their behaviour? 2) What are the security assumptions of the system? 3) What are the risks, who are the threat agents, who may exploit them, and using what types of attacks? A risk exploited by a threat agent using a certain attack is called a security failure.
