CESG - the UK's national technical authority for information assurance at GCHQ - has published risk management advice and guidance for the UK public sector on the use of smartphones in lower risk situations.
Its cyber security experts have been working with major smartphone platform providers on how best to secure their products, and produced the guidance on how to secure the devices for remote working.
The guidance, which is only accessible to those with Government Secure Intranet accounts, applies to lower risk situations which covers large parts of the public sector, and is not applicable for classified data ('restricted' or above).
A spokesperson for CESG told GGC that the main elements of the guidance cover systems management and maintenance, configuration settings, architectural advice, user education and awareness training, and information on common risks to mobile working. It also highlights where a significant risk remains, either where there are no technical or procedural controls to reduce it, or an extensive reliance on procedural mitigation.
It is available for products from Apple, Microsoft, Nokia and Research In Motion, covering the majority of the smartphone market. CESG said this does not imply formal endorsement or certification of any of these platforms, but it will give organisations the options to chose whichever platform best suits their business needs.
A spokesman for CESG said: "This is a great example of government and industry collaborating to ensure that all parts of government have the tools and information we need to work more securely in cyber space. It will help many parts of the public sector work more efficiently and effectively - saving money for the taxpayer".
CESG also pointed out that the BlackBerry Enterprise Solution from Research In Motion is currently the only smartphone system to have been formally evaluated and approved to protect material classified up to and including 'restricted'.
没有评论:
发表评论