New platform security guidance to help protect critical information

CESG, the Information Security Arm of GCHQ, has published new security guidance for a wide range of end user devices.

The online guidance is designed to help public sector security architects, system administrators and end-users as they deploy and use the latest laptops, desktops, tablets and smartphones. Platforms covered include Android, BlackBerry, Apple iOS and OSX, Ubuntu, Windows and Windows Phone and Chrome OS.

Building on the Cabinet Office’s End User Device Security Framework, this new guidance provides advice on how particular platforms can be configured to achieve the key security recommendations contained in the framework.

The guidance also contains good practice advice on system architectures for remote and frontline mobile working, details of particular configuration choices for each platform and notes particular security risks and issues that users need to be aware of.

Jonathan Hoyle, Director General for Government and Industry Cyber Security at GCHQ said: “Finding the right balance between security and usability is critical for all organisations and we have put this principle at the heart of our work. This guidance is the result of close collaboration between CESG’s cyber security experts, our partners in industry and the public sector. It provides an excellent set of recommendations for anyone trying to enable secure business using the latest technologies in a cost-effective way.”

The guidance provides straightforward configuration advice for a range of devices and seeks to take a balanced approach between security and usability for remote or mobile working devices, helping to reduce common risks to sensitive information while still providing the flexibility and ease of use required.

Liam Maxwell, the Government’s Chief Technology Officer, said: “This is precisely the sort of approach to security we need – simple, pragmatic, understandable.”