Navigating Compliance with Privacy Regulations and Cybersecurity Risks
Esri’s Enhanced Privacy and Security Measures for Customers
Esri, a leading provider of geographic information system (GIS) software, has taken significant steps to enhance the privacy and cybersecurity measures for its customers. The company recently announced the implementation of new measures to ensure compliance with rapidly evolving privacy regulations and to address cybersecurity threats effectively.
One of the key initiatives introduced by Esri is the ArcGIS Enterprise Hardening Guide, a comprehensive guide developed over several years with input from users and security experts worldwide. Users with a production ArcGIS Enterprise deployment are encouraged to implement these best practices as soon as possible to enhance the security of their systems.
In addition, Esri has obtained certification by the EU-US Data Privacy Framework Program, demonstrating its commitment to upholding data protection standards required by the European Union. The company also maintains the Standard Contractual Clauses as part of its Data Processing Addendum to provide European customers with stable privacy assurance despite evolving US regulations.
Furthermore, Esri’s ArcGIS Online has been operating in alignment with the Federal Risk and Authorization Management Program (FedRAMP) Moderate controls for over a year. The company is now transitioning to the newer Revision 5 controls, which include stronger supply chain validation. Esri aims to complete the 2024 Accredited FedRAMP Third Party Assessment Organization assessment by the end of Q2.
Esri is also working towards obtaining ISO 27001 certification for its EU Region systems and operations, covering specific ArcGIS Online and Platform capabilities. The company plans to have this certification in place before the end of 2024.
For more information on Esri’s software security and privacy measures, customers can contact the company’s software security and privacy team at SoftwareSecurity@esri.com. Esri’s commitment to enhancing privacy and cybersecurity measures underscores its dedication to providing secure and reliable GIS solutions to its customers.
