Serviceteam IT Security News

Bulk Data: 8-15 How is your system designed, implemented and operated?

8. No known vulnerable surfaces are exposed at the edges of your service....
Serviceteam IT Security News

Protecting Bulk Personal Data: Introduction

Whether they’re held by public service or private enterprise, these bulk data stores...
Serviceteam IT Security News

Bulk Data: 1-3 What are you protecting?

1. You have a well-defined catalogue of the data your service holds. You...
Serviceteam IT Security News

Digital Services: Building a secure digital service

Just designing a service to be secure is not enough. There will be security implications...
Serviceteam IT Security News

Digital Services: Operating a secure digital service

To remain secure a digital service needs to be well operated and maintained....
Serviceteam IT Security News

Digital Services: Managing cyber security risk in a digital service

Consider security as a factor in all the decisions you make whilst designing, building...
Serviceteam IT Security News

Digital Services: Designing a secure digital service

Good design should: Make services hard to compromise Designing with security in mind...
Serviceteam IT Security News

Design Principles: Designing to avoid disruption

1. Implement denial of service protections as far upstream as possible Denial of service protections...
Serviceteam IT Security News

Digital Services: Understanding your service

Before you can design a secure digital service it's important to understand a...
Serviceteam IT Security News

Design Principles: Introduction

Digital services provide us with quick, convenient access to a whole range of...
Serviceteam IT Security News

Design Principles: Making compromise easy to detect

1. Ensure that all relevant security events and logs are collected for analysis. Having the...
Serviceteam IT Security News

Design Principles: Making services hard to compromise

1. Validate or transform all external input before processing it. Simple data formats...
Serviceteam IT Security News

Protecting Bulk Personal Data

15 good practice measures for the protection of bulk data held by digital...
Serviceteam IT Security News

Design Principles: Reducing the impact of compromise

1.  Build your service using a segmented approach.  A system which requires multiple...
Serviceteam IT Security News

Bulk Data: 4-7 Who has access to your data?

4. All users with access to your data are individually known and referenced....
Serviceteam IT Security News

Design Principles: Understanding your service

1. Understand your service and the data you will need to operate it....
Serviceteam IT Security News

Systems administration architectures

Note Some models carry much more risk than others, and their use is...
Serviceteam IT Security News

End User Devices: Advice for End Users

This advice will need to be tailored to the particular device(s) being used,...
Serviceteam IT Security News

End User Devices: Security Principles

The EUD Security Framework describes twelve principles for securing devices, all of which must be...
Serviceteam IT Security News

Security governance, enabling sensible risk management decisions & communication

Security governance and business objectives Standard approaches to security and risk management are...
Serviceteam IT Security News

Secure sanitisation of storage media

This guidance is suitable for any organisation wishing to ensure that their data held...
Serviceteam IT Security News

Approaching enterprise technology with cyber security in mind

The majority of cyber attacks an organisation faces will be ineffective if enterprise...
Serviceteam IT Security News

End User Devices: Authentication Policy

There are three important parts to authentication that you should consider: User to...
Serviceteam IT Security News

End User Devices: Common Questions

Wi-Fi Captive portals Alternative ways of authenticating to Wi-Fi On-device sandboxing Device...
Serviceteam IT Security News

Cloud Security: Standards and Definitions

Security standards and definitions frequently referenced in our Cloud Security Guidance. Standard Guidance...
Serviceteam IT Security News

Using IPsec to protect data

This guide will help you deploy or buy network encryption, using IPsec. It provides recommendations for the...
Serviceteam IT Security News

Security operations centre (SOC) buyers guide

This guidance is for organisations that are considering procuring a Security Operations Centre (SOC) from...
Serviceteam IT Security News

Vulnerability management

All modern software contains vulnerabilities; either software defects that require patches to remedy, or...
Serviceteam IT Security News

A critical appraisal of risk methods and frameworks

This appraisal has been produced so practitioners and decision makers can better understand...
Serviceteam IT Security News

End User Devices Security Guidance: Introduction

Modern smartphones, laptops and tablets provide users with great flexibility and functionality, and...