· 7 ·
In March 2011 the Government published
the Government ICT Strategy. A major
area of focus for the ICT Strategy is that of
end user devices, with over 600,000 being
employed across central government, and the
Government End User Device Strategy, a sub
strategy of the ICT Strategy, was released in
October 2011.
The End User Device Strategy has been defined collaboratively
by the End User Device Strategy subgroup, comprising
representatives from Cabinet Office, Department of Health,
Department for Work and Pensions, Government Procurement
Service (now Crown Commercial Service), HM Revenue &
Customs, Home Office, Ministry of Defence and Ministry of
Justice. It has also been aligned to the wider ICT strategy,
specifically the Public Services Network (PSN) and G-Cloud,
where close dependencies exist.
The End User Device Strategy calls for Government access
to the right tools to increase the productivity, flexibility and
mobility of the public sector workforce.
"Consumer end user devices*, delivered to a clear standard
that meets government needs, will maximise the productivity of
the public sector workforce."
Building on the Cabinet Office's End User Device
Security Framework, CESG, the Information Security
Arm of GCHQ, has released security guidance
to provide advice to those deploying devices by
providing details on how particular platforms
can be configured to achieve the key security
recommendations contained in the Framework.
The online guidance is designed to help UK public sector
security architects, system administrators and end-users as
they deploy and use the latest laptops, desktops, tablets and
smartphones.
The guidance also contains good practice advice on system
architectures for remote and mobile working; details of
particular configuration choices for each platform; and notes
particular security risks and issues that organisations need to
be aware of.
A senior cyber security expert at GCHQ said:
"Finding the right balance between security and usability is
critical for all organisations and we have put this principle
at the heart of our work. This guidance is the result of close
collaboration between CESG's cyber security experts, our
partners in industry and the public sector. It provides an
excellent set of recommendations for anyone trying to enable
secure business using the latest technologies in a cost-
effective way."
CESG's guidance provides straightforward configuration
advice for a range of devices and seeks to take a balanced
approach between security and usability for remote or mobile
working devices; helping to reduce common risks to an
organisation's information whilst still providing the flexibility
and ease of use required.
Liam Maxwell, the UK Government's Chief Technology Officer
said of the guidance:
"This is precisely the sort of approach to security we need -
simple, pragmatic, understandable."
SBL and Apple would like to bring to your attention
that in January 2014, CESG released its security
guidance on iOS7 and 7.1**.
iOS 7, launched September 2013, is Apple's most advanced
mobile OS yet, including many new features designed to
make it easier for businesses to put iOS devices in the hands
of employees. Features such as better protection of work
and personal data, management of app licences, seamless
enrolment in Mobile Device Management, wireless app
configuration, enterprise single sign on support and default
data protection for third party apps.
Watch the video here:
http://www.apple.com/uk/ios/includes/
videos/features.html#video
Businesses around the world are choosing iOS devices for their
enterprise-ready features. With a comprehensive approach
to security, scaleable deployment options and a powerful
platform for apps, iOS offers companies and organisations of
all sizes just about everything they need to be more productive
than ever.
The CESG guidance includes:
· Summary of platform security
· Significant risks
· How the platform can best satisfy the security
recommendations
· Recommended network architecture
· Deployment process
· Provisioning steps
· Policy recommendations, and
· Enterprise considerations
Download a copy at
https://www.gov.uk/government/
publications/end-user-devices-security-guidance-apple-ios-7
*Definition of end user devices: PCs, laptops, tablets, smart
phones and other hardware that end users can use to interact
with data and applications.
**This guidance is applicable to devices running iOS 7 and
7.1. This guidance was developed following testing performed
on iPhone 5S and iPhone 5 devices running iOS 7.0.4. The
document is an update of the previous iOS 6 guidance.
SourceS
http://www.apple.com/uk/ios/what-is/
http://www.apple.com/uk/ios/business
https://www.gov.uk/government/publications/end-user-devices-security-
guidance-introduction
https://www.gov.uk/government/publications/end-user-device-strategy