|
News
| e-Security
Guidelines | Security
tips | Contacts
| Links
News Items
Security Frameworks
The Office of the e-Envoy has
completed the revision of the security frameworks for eGovernment
that are aimed at those establishing, procuring and providing
e-Government services.
The e-Government Security Framework
provides key guidance to service providers wishing to gain
the trust and confidence of their users. It lays the foundations
for enabling secure services to be provided that will transform
the way citizens and businesses interact with government.
This over-arching document is
supported by other documents in this framework, covering Assurance,
Business Services, Confidentiality, Network Defence, Registration
& Authentication and Trust Services.
They embody the internationally
recognised information security standard, BS EN ISO 17799,
with which all key government information processes should
shortly be compliant.
>
Security framework documents
Businesses urged to adopt
international information security guidelines
The e-commerce minister, Stephen
Timms, has urged businesses to rise to the challenge of e-commerce
by adopting new internationally agreed guidelines on information
security.
"The development of e-commerce,
one of the keys to the future of our economy, has without
question been held back by doubts about security," Timms
told an audience of IT professionals (5 September).
The guidelines, developed by the
Organisation of Economic Co-operation and Development (OECD),
present companies with eight high-level principles designed
to make IT and Internet systems more secure.
Timms said: "The guidelines
are based on the idea that there should be a culture of security,
that security considerations should be built-in from the outset
to every aspect of our online experience."
This comes as a new version of
the standard promises to make it easier for businesses to
acquire BS7799 certification. It is also designed to integrate
more closely with other business management standards, such
as the ISO 9001 quality standard. (cw360)
Contacts
For further information
on any aspect of our work, please contact us: Security@e-envoy.gsi.gov.uk
Please include details
of your name, who you work for and your position in that organisation
Links
CESG
The UK government's
national technical authority for information assurance, helping
formulate information security policy and guidance for official
use. They assist users in putting this guidance into effect
by aiming to ensure the availability of appropriate technical
solutions and services.
http://www.cesg.gov.uk
National Infrastructure
Security Co-ordination Centre (NISCC)
This interdepartmental
organisation co-ordinates and develops existing work within
government departments and agencies and organisations in the
private sector to defend the Critical National Infrastructure
against electronic attack.
http://www.niscc.gov.uk
National hi-tech
Crime Unit
Tasked to combat
computer-based crime, the Unit works with law enforcement
experts selected from the National Crime Squad, the National
Criminal Intelligence Service, HM Customs and Excise and police
forces.
http://www.nhtcu.org
UNIRAS
The Unified Incident
Reporting and Alert Scheme (UNIRAS) has the role of gathering
information on IT security incidents in Government departments
and agencies, producing periodic analysis and assessment of
incidents and trends, and issuing alerts and briefings on
matters of IT security concern.
http://www.uniras.gov.uk
Common Criteria
The Common Criteria
represents the outcome of a series of efforts to develop criteria
for evaluation of IT security that are broadly useful within
the international community.
http://www.commoncriteria.org
Govtalk
This government
site enables the Public Sector, Industry and other interested
participants to work together to develop and agree policies
and standards for e-government. This is achieved through the
UK GovTalk consultation processes.
http://www.govtalk.gov.uk
e-Security
index |
e-Security Guidelines | Security
tips | Contacts
| Links
top
of page
|
