Design and configuration

Activities relating to the design, procurement, build and configuration of a secure enterprise IT system.
Showing 1 - 25 of 28 results
Sort by: A-Z|Date
  • Secure development and deployment

    Guidance11 Dec 2017TopicsSkills and training, Design and configuration, Digital services

    8 Principles to help you improve and evaluate your development practices, and those of your suppliers

  • Rear view mirror

    Reflecting on your development processes: fast-track your learning

    Blog post24 Nov 2017AuthorNicola BTopicsSociotechnical security, Design and configuration

    In such a fast-changing world, the ability to learn lessons quickly is what will determine the success of your product.

  • Secure development and deployment

    Secure development and deployment

    Blog post22 Sep 2017AuthorToby WTopicsSecure by default, Design and configuration, Digital services
  • Smart Metering - Communications Hub: CPA SC

    Document03 Aug 2017TopicsDesign and configuration, Operational technology, Assurance

    Incorporating the Communications Hub Function and the Gas Proxy Function

  • Cloud computing

    NCSC IT: Networking in the cloud

    Blog post28 Mar 2017AuthorJon HTopicsDesign and configuration

    In the fourth blog about the NCSC’s IT system, we look at how the networking topologies and practices differ from traditional approaches.

  • Administrator workstation

    Protect your management interfaces

    Blog post22 Mar 2017AuthorRichard CTopicsDesign and configuration

    Why it's important to protect the interfaces used to manage your infrastructure, and some some recommendations on how you might do this.

  • Protecting Bulk Personal Data: Introduction

    Guidance25 Sep 2016TopicsDesign and configuration, Secure storage, Digital services

    To operate effective services, many organisations need to store and process large quantities of personal data

  • Bulk Data: 1-3 What are you protecting?

    Guidance25 Sep 2016TopicsDesign and configuration, Secure storage, Digital services

    It’s important to know what you are protecting and the risks you’ve already taken

  • Bulk Data: 4-7 Who has access to your data?

    Guidance25 Sep 2016TopicsDesign and configuration, Secure storage, Digital services

    You need to know that only those with a real need, have access to your data

  • Bulk Data: 8-15 How is your system designed, implemented and operated?

    Guidance25 Sep 2016TopicsDesign and configuration, Secure storage, Digital services

    Poor design, implementation or operations can result in data loss

  • Protecting Bulk Personal Data

    Guidance25 Sep 2016TopicsRisk management, Design and configuration, Secure storage, Digital services
  • Design Principles: Understanding your service

    Guidance25 Sep 2016TopicsDesign and configuration, Digital services

    To securely design a service, there are a number of areas you need to have a good understanding of

  • Design Principles: Making services hard to compromise

    Guidance25 Sep 2016TopicsDesign and configuration, Digital services

    Designing with security in mind means using concepts and techniques which make it harder for attackers to compromise your service using commodity techniques

  • Design Principles: Reducing the impact of compromise

    Guidance25 Sep 2016TopicsDesign and configuration, Digital services

    Creating services which naturally minimise the degree of any compromise

  • Design Principles: Making compromise easy to detect

    Guidance25 Sep 2016TopicsDesign and configuration, Digital services

    Even if you take all available precautions, there’s a chance your system will be compromised by a new or unknown attack. If this happens you want to be well positioned to detect the compromise

  • Design Principles: Designing to avoid disruption

    Guidance25 Sep 2016TopicsDesign and configuration, Digital services, Cyber threats

    When high-value services rely on digital delivery it becomes essential that they are always available. For the credibility of the service and the users’ convenience, the acceptable percentage of ‘down time’ is effectively zero.

  • Design Principles: Introduction

    Guidance25 Sep 2016TopicsDesign and configuration, Digital services

    Some background on digital services and advice on how to get the most from our Design Principles

  • Systems administration architectures

    Guidance25 Sep 2016TopicsOperational security, Design and configuration, Digital services

    There are a number of different architectural models that can be used to design the administration approach for IT systems. This section describes some common approaches and the risks associated with each.

  • Full Disk Encryption - Authorisation Acquisition (CC Mapping): CPA SC

    Document08 Aug 2016TopicsIT infrastructure, Design and configuration, Secure storage, Assurance

    Full disk encryption protects the confidentiality of data at rest. Such solutions come in two parts – an encryption engine component that performs the bulk encryption and decryption of information, and an “Authorisation Acquisition” component covered by this Security ...

  • 10 Steps: Secure Configuration

    Guidance08 Aug 2016TopicsDesign and configuration, Cyber attacks

    This section from within the NCSC's '10 Steps To Cyber Security' concerns Secure Configuration.

  • Security Design Principles for Digital Services

    Guidance08 Aug 2016TopicsDesign and configuration, Digital services

  • IA Technical Design Review

    Information01 Aug 2016TopicsGovernment strategy, Risk management, Design and configuration

    An IA Technical Design Review (TDR) is aimed at private or public sector customers who are looking to offer an ICT service to Government, where the solution being offered contains innovative or complex security functionality that is not covered by current HMG IA guidance.

  • Client Virtualisation: CPA SC

    Document08 Feb 2016TopicsIT infrastructure, Design and configuration, Assurance

    Provides the ability to run multiple instances of a commercial operating system on a single piece of hardware, distinguished by frequent interactive use by a single user. 

  • Server Virtualisation: CPA SC

    Document08 Feb 2016TopicsIT infrastructure, Design and configuration, Assurance

    Provides the ability to run multiple instances of a commercial operating system on a single piece of hardware, distinguished by a need for unattended running and remote access by multiple users.

  • Stateful Traffic Filter Firewall (CC Mapping): CPA SC

    Document08 Feb 2016TopicsIT infrastructure, Design and configuration, Network security, Assurance

    Devices capable of filtering IP and TCP/UDP network traffic based on administrator-configured rules