Posts

Digital Services: Understanding your service

Before you can design a secure digital service it’s important to understand a…

Read more
/by

Design Principles: Introduction

Digital services provide us with quick, convenient access to a whole range of…

Read more
/by

Design Principles: Making compromise easy to detect

1. Ensure that all relevant security events and logs are collected for analysis. Having the…

Read more
/by

Design Principles: Making services hard to compromise

1. Validate or transform all external input before processing it. Simple data formats…

Read more
/by

End User Devices: Authentication Policy

There are three important parts to authentication that you should consider: User to…

Read more
/by

End User Devices: Common Questions

Wi-Fi Captive portals Alternative ways of authenticating to Wi-Fi On-device sandboxing Device…

Read more
/by

Cloud Security: Standards and Definitions

Security standards and definitions frequently referenced in our Cloud Security Guidance. Standard Guidance…

Read more
/by

Using IPsec to protect data

This guide will help you deploy or buy network encryption, using IPsec. It provides recommendations for the…

Read more
/by

Security operations centre (SOC) buyers guide

This guidance is for organisations that are considering procuring a Security Operations Centre (SOC) from…

Read more
/by

Vulnerability management

All modern software contains vulnerabilities; either software defects that require patches to remedy, or…

Read more
/by