CESG archive

Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.
Showing 1 - 25 of 66 results
Sort by: A-Z|Date
  • HMG IA Maturity Model (IAMM)

    Information08 Mar 2018TopicsCESG archive

    The IAMM is no longer supported by the NCSC. This page is retained for those still using the IAMM to assess and improve their organisation's security effectiveness.

    Although no longer supported by the NCSC, organisations may choose to continue to use the Maturity Model to assess and improve their security effectiveness.

  • UK/3.1/006 Selecting a sample for repeating developer tests

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/008 Treatment of commercial hardware that is part of a TOE

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/009 Abstract machine testing and the TOE boundary

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/010 Use of extended components for specifying optional requirements in a PP

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/011 Use of open source/third party source code

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/012 Multi-platform TOEs

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • UK/3.1/014 ALC_FLR.3 Requirement for a timely response to security flaws

    Document11 Oct 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

  • End User Devices Security Guidance: Samsung devices with KNOX 2.x

    Guidance11 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Configuration guidance for the use of Samsung devices with KNOX 2.x for remote working at OFFICIAL.

  • Google Chrome End User Device Security

    Guidance11 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Guidance for organisations considering deploying a Google Chrome platform as part of a remote working solution

  • Samsung End User Device Security

    Guidance11 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Guidance for organisations considering deploying Samsung devices as part of a remote working solution

  • Security Operations and Management: An Introduction

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    A summary of what security operations and management is, and how it can help.

  • BYOD: Enterprise Considerations

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Key security aspects to consider in order to maximise enterprise benefits of BYOD whilst minimising the risks.

  • BYOD: Architectural Approaches

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Examples of common BYOD scenarios organisations may face when using personally owned devices to access enterprise services and data.

  • End User Devices Security Guidance: Google Chrome OS 32

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Configuration guidance for the use of Chrome OS 32 for remote working at OFFICIAL.

  • Forensic Readiness (GPG 18)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Advice on defining and implementing an approach to forensic readiness planning.

  • Organisation Identity (GPG 46)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    This guidance establishes the requirements for identifying an organisation in the context of online services.

  • Authentication and Credentials for use with HMG Online Services (GPG 44)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Guidance on the use of identity credentials to support user authentication to HMG Online Services

  • Identity Proofing and Verification of an Individual (GPG 45)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Guidance on identity proofing an individual where any HMG Department or service will be relying on that identity.

  • Transaction Monitoring for HMG Online Service Providers (GPG 53)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Guidance on how Transaction Monitoring (TxM) can counter the risk of electronic attack against online public services.

  • Internet Gateways (Architectural Pattern 17)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    This Guidance describes security controls which can be used to secure an organisation’s access to the Internet.

  • Requirements for Secure Delivery of Online Public (GPG 43 Annex A)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    This guidance supports CESG Good Practice Guide No. 43 (Requirements for Secure Delivery of Online Public Services).

  • Requirements for Secure Delivery of Online Public Services (GPG 43)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    This guidance helps organisations determine the components needed to securely deliver public services to online individuals and businesses.

  • Serving Web Content (Architectural Pattern 10)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Recommended architecture for the management and deployment of web content.

  • ICT Service Management: Security Considerations (GPG 20)

    Guidance08 Aug 2016TopicsArchived guidance, CESG archive

    Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

    Advice on managing the risks associated with ICT service management systems.