Security/Policy/Candidates

From MediaWiki.org
Jump to navigation Jump to search


Proposed Policy that needs private drafting or review is on officewiki. This is the exception, but in limited cases is appropriate.

This page is a list of concepts or topics that the Wikimedia_Security_Team has made note of that might or will be needed:

  • Where software can be deployed from in WMF production
  • Minimum retention time for collected logs in WMF production
  • How folks can get on the early security release list
  • Email forwarding for staff accounts to 3rd party providers
  • Probably as part of acceptable use policy
  • Risk Management
  • Supplier and Partner Contract Addendum
  • Security Awareness Policy
  • Network Security Policy
  • Access Control Policy
  • Logging and Alerting Policy


Understanding Wikimedia Security Team documentation structure