What does the latest CESG devices security guidance mean for you?

  • Article

CESG issued its latest End User Devices Security and Configuration Guidance on the 14th of October. The new document is a radical departure from past iterations in some respects. So what do you need to know about the new guidance?

Shorter, simpler guidance: In the past, the CESG would release Government Assurance Packs for individual platforms. These documents could be 90 pages long and set down extremely detailed instructions for correctly implementing a given platform. These instructions were often complicated, could be difficult to implement and didn’t properly address today’s multiplatform IT demands. The new guidance amounts to a handful of pages providing general risk management strategies, and it ultimately leaves decisions about which platforms to use up to individual agencies, departments and authorities.

12 key metrics: The new guidance evaluates individual platforms along 12 different metrics. The points the CESG are looking at are: assured data-in-transit protection, assured data-at-rest protection, authentication, secure boot, platform integrity and application sandboxing, application whitelisting, malicious code detection and prevention, security policy enforcement, external interface protection, device update policy, event collection for enterprise analysis and incident response.

Upgrading has its benefits: When you compare the CESG’s evaluation of all the different platforms, Windows 8 stands tall compared with other platforms in the market, offering significant security upgrades from Windows 7, such as a secure boot feature. No matter how you look at it, it’s the only way to be sure you can use all your essential applications in secure boot environment without having to compromising on some other essential area – like event reporting.

There’s a clear winner for tablets: Windows 8 tablets are, hands down, the most secure tablet devices available. The combination of security policy enforcement, external interface protection and application whitelisting features are unequalled in the market today. If you want to take advantage of all the significant organisation advantages of mobile working in a secure environment, it’s an easy call to make.

Wide availability: In the past, access to CESG devices guidance material was carefully controlled. But this latest iteration is available in its entirety on the CESG website, making it easier for organisations across the UK to quickly consult the guidance and make decisions.

Check out the latest guidance on the GOV.UK site.