Andrew A blog
Cloud Security Research LeadMy cloud isn't a castle
06 Jul 2018
Moving to the cloud from closed-off data centres means we’re exposing more of our services to the Internet than we ever have done before. Andrew A talks through his thoughts on why this sometimes results in accidental data leakage and how to reduce the risk of that happening.NCSC IT: how the NCSC chose its cloud services
12 Jan 2018Topics: Cloud security
Why the NCSC spends more effort getting confidence in the security of some cloud services than in others.Cloudy with a chance of transparency
23 Oct 2017
In part 2 of his Cloud Blog Trilogy, Andrew explains why it's better for everyone if cloud providers are willing to be open about how they run their services.Time to KRACK the security patches out again
20 Oct 2017
Andrew A puts some context around the recently published KRACK guidance and explains why patching - once again - is the answer.Brightening the outlook for security in the cloud
26 Sep 2017
The NCSC's Cloud Security Research Lead suggests some approaches to help you get confidence in cloud services.NCSC IT: MDM products - which one is best?
08 Mar 2017
In part 3, we discuss why there is no one right answer to "What is the best MDM product?", as we found when building our own IT system.