Guidance

End User Device Security Collection

Created:  10 Aug 2016
Updated:  17 Apr 2018
Guidance for organisations deploying a range of end user device platforms as part of a remote working solution

Current End User Device (EUD) Security Guidance documents.

Overview documents

  1. End User Devices Security Guidance: Introduction

    Getting started with the End User Device security guidance. Information on the aims of the guidance, who it's aimed at, and any assumptions made

  2. End User Devices: Security Principles

    These principles provide the basis for our guidance on the configuration of specific EUDs.

  3. End User Devices: Common Questions

    Items covered include use of Wi-Fi, device management and browser security

  4. End User Devices: Authentication Policy

    You should create a consistent policy for authenticating both users and devices before granting access to systems and resources (including information).

  5. End User Devices: Advice for End Users

    We recommend that guidance is given to all remote and mobile users on how to keep information on their devices safe and secure.

  6. End User Devices: VPNs

    In this guidance we discuss the reasons for using VPNs and make recommendations on aspects of the underlying technology, such as protocols and cryptography. We also give risk management advice to organisations considering the use of VPNs.

Per-platform security guidance

  1. EUD Security Guidance: Windows 10 - 1709

    Secure configuration for devices running Windows 10 1709 “Fall Creators Update”

  2. EUD Security Guidance: Android 8

    Secure configuration for work-managed devices running Android 8 (Oreo).

  3. EUD Security Guidance: Samsung devices with Knox Workspace

    Secure configuration for Samsung devices running Knox Workspace 2.8 and higher

  4. EUD Security Guidance: macOS 10.13 High Sierra

    This guidance was developed following testing performed on MacBook Pro and MacBook Air devices running macOS 10.13 (High Sierra)

    It's important to remember that this guidance has been conceived as a way to satisfy the 12 End User Device Security Principles. As such, it consists of recommendations and should not be seen as a set of mandatory instructions requiring no further thought.

    Risk owners and administrators should agree a configuration which balances business requirements, usability and security.

  5. EUD Security Guidance: iOS 11

    Secure configuration for devices running iOS 11

  6. EUD Guidance: Windows 10 (1803) with Mobile Device Management

    Secure configuration for Windows 10 1803 "April 2018 Update"

  7. EUD Security Guidance: Ubuntu 16.04 LTS

    Secure configuration for devices running Ubuntu 16.04 LTS

  8. EUD Security Guidance: iOS 10

    Secure configuration for devices running iOS 10

  9. EUD Security Guidance: Android 7

    Secure configuration of Android 7 devices in Device Owner Mode.

  10. EUD Security Guidance: Windows 10 Mobile

    This guidance is applicable to devices running Windows 10 Mobile

  11. EUD Security Guidance: Chrome OS 65

    Secure configuration advice for Chrome OS 65

Related

  1. End user devices: factory reset and reprovisioning

    Guidance for organisations deploying or redeploying mobile devices onto their networks.

  2. Obsolete platforms security guidance

    Short-term steps to take when you can’t move off out-of-date platforms and applications straight away.

Was this guidance helpful?

We need your feedback to improve this content.

Yes No