Serviceteam IT Security News

Design Principles: Making compromise easy to detect

1. Ensure that all relevant security events and logs are collected for analysis. Having the...
Serviceteam IT Security News

End User Devices: Security Principles

The EUD Security Framework describes twelve principles for securing devices, all of which must be...
Serviceteam IT Security News

Security governance, enabling sensible risk management decisions & communication

Security governance and business objectives Standard approaches to security and risk management are...
Serviceteam IT Security News

Secure sanitisation of storage media

This guidance is suitable for any organisation wishing to ensure that their data held...
Serviceteam IT Security News

Approaching enterprise technology with cyber security in mind

The majority of cyber attacks an organisation faces will be ineffective if enterprise...
Serviceteam IT Security News

End User Devices: Authentication Policy

There are three important parts to authentication that you should consider: User to...
Serviceteam IT Security News

End User Devices: Common Questions

Wi-Fi Captive portals Alternative ways of authenticating to Wi-Fi On-device sandboxing Device...
Serviceteam IT Security News

Cloud Security: Standards and Definitions

Security standards and definitions frequently referenced in our Cloud Security Guidance. Standard Guidance...
Serviceteam IT Security News

Using IPsec to protect data

This guide will help you deploy or buy network encryption, using IPsec. It provides recommendations for the...
Serviceteam IT Security News

Security operations centre (SOC) buyers guide

This guidance is for organisations that are considering procuring a Security Operations Centre (SOC) from...
Serviceteam IT Security News

Vulnerability management

All modern software contains vulnerabilities; either software defects that require patches to remedy, or...
Serviceteam IT Security News

End User Devices: Advice for End Users

This advice will need to be tailored to the particular device(s) being used,...
Serviceteam IT Security News

A critical appraisal of risk methods and frameworks

This appraisal has been produced so practitioners and decision makers can better understand...
Serviceteam IT Security News

End User Devices Security Guidance: Introduction

Modern smartphones, laptops and tablets provide users with great flexibility and functionality, and...
Serviceteam IT Security News

EUD Security Guidance: Android 6

This guidance is applicable to Android 6 devices configured in Device Owner mode....
Serviceteam IT Security News

Summary of risk methods and frameworks

This section summarises number of commonly used risk methods and frameworks. Note that:...
Serviceteam IT Security News

Introduction to security governance

What is security governance? Security governance is the means by which you control and direct your organisation’s...
Serviceteam IT Security News

EUD Security Guidance: Windows 10 Mobile

This guidance is applicable to devices running Windows 10 Mobile and was developed...
Serviceteam IT Security News

Cloud Security Principle 7: Secure development

Goals You should be confident that: New and evolving threats are reviewed and...
Serviceteam IT Security News

Risk management introduction

Risk management is about managing the impact of uncertainty on people or organisations....
Serviceteam IT Security News

Cloud Security Principle 13: Audit information for users

Goals You should be: aware of the audit information that will be provided...
Serviceteam IT Security News

Risk management principles

The following security risk management principles are applicable to how people and organisations...
Serviceteam IT Security News

Cloud Security Principle 14: Secure use of the service

The extent of your responsibility will vary depending on the deployment models of...
Serviceteam IT Security News

Cloud Security Principle 12: Secure service administration

The design, implementation and management of administration systems should follow enterprise good practice, whilst recognising...
Serviceteam IT Security News

Cloud Security Principle 11: External interface protection

If some of the interfaces exposed are private (such as management interfaces) then...
Serviceteam IT Security News

Cloud Security Principle 10: Identity and authentication

Weak authentication to these interfaces may enable unauthorised access to your systems, resulting...
Serviceteam IT Security News

Cloud Security Principle 9: Secure user management

The aspects to consider are: Authentication of users to management interfaces and support...
Serviceteam IT Security News

Cloud Security Principle 8: Supply chain security

Cloud services often rely upon third party products and services. Consequently, if this...
Serviceteam IT Security News

Risk management and risk analysis in practice

What is risk? Risk is the impact of uncertainty on people or organisations. Risks...
Serviceteam IT Security News

Cloud Security Principle 5: Operational security

There are four elements to consider: Configuration and change management – you should ensure...