https://gds.blog.gov.uk/2013/10/22/new-guidance-for-government-devices/

New guidance for government devices

Last week GDS helped launch new guidance for securely using 11 common desktop and mobile operating systems in public sector organisations. CESG (the UK government’s National Technical Authority for information assurance) have led this, working closely with the team in the Office of the CTO.

The CESG advice builds upon our joint End User Device Security Framework which we published as part of the CTO series in the Service Design Manual in June this year.

The guidance was presented to the civil service security and IT community and to industry, with welcoming addresses by Liam Maxwell, the government CTO and Stephen Kelly, the government COO and SIRO (Senior Information Risk Owner).

My role was to explain how the guidance fits with our End User Device approach and how it supports the wider rebalancing of government IT.

The guidance is remarkable and important because:

    • it has been written to put user needs first - not something that security policy is known for
    • it enables real choice of IT for civil servants - there is guidance for Mac OS X, Ubuntu and Android alongside more expected platforms like Windows and BlackBerry
    • it is published on GOV.UK - which is important in ensuring it gets to the people who need to see and use it
    • it is written as guidance rather than rigid instructions, which will allow users to make informed, risk based decisions on their particular deployments
    • it is designed to be iterated based on user feedback

Feedback on the guidance

The feedback at the events was generally very positive, with a number of delegates describing it as 'revolutionary'. Naturally there was also a degree of scepticism that the guidance could change a deeply rooted risk averse culture in departments.

While there will clearly be more to do to achieve all the benefits of the end user device approach, this new guidance is a very positive step in the right direction. With the support of IT and security teams in departments it will lead to a better, more secure user experience for civil servants. GDS IT and the Cabinet Office Technology Team already have pilot projects underway to put it to the test.

Read the End User Device Security Guidance, and send feedback to platform@cesg.gsi.gov.uk.

1 comment

  1. dav1d

    How does this, and your, device effect Departments PSN Coco?

    Link to this comment