Search - National Standard Microsite

to add a new content

Filter/Order

Status

Help

Status describes what stage of the lifecycle a standard is at:

Draft - This National Standard workstream is resourced, has clear outputs and is actively in development
Review - The National Standards Assurance Board are currently reviewing this National Standard
Consensus - The category community are now being encouraged to review and give feedback on this National Standard
Live - This National Standard has been through the established process and is now live, being reviewed at least annually
Retired - This National Standard has been retired and is present for historical reference only

Classification

Help

National Standards can be classified based on whether they are conceptual, rule based or value based:

Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.

Grade: PMR

Help

National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.

4Pol Criteria:

Support minimum legal requirements where they exist
Align with the National Policing Digital Strategy to ensure strategic alignment and design
Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
Direct relevance and applicability to policing
Represent best practice
Able to be measured and achieved within the unique landscape of policing

Grade: LMR

Help

National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.

Internally Amended / Developed

Securing Technology at OFFICIAL

Guidance on how organisations should secure their technology and services to protect UK government information classified as OFFICIAL.

The vast majority of UK government public services are conducted at the Official classification. Business operations and services include information routinely used that can have damaging consequences if lost or stolen.

Security at Official is achieved through following good commercial practices and understanding security needs and matching these requirements to the latest available technology availabilities.

Published 01/01/2015

Authoring body: CESG National Technical Authority for Information Assurance

Guidance

End User Device (EUD) Security Guidance 2

Guidance for organisations deploying a range of end user device platforms as part of a remote working solution.

Modern smartphones, laptops and tablets provide users with great flexibility and functionality, and include security technologies to help protect information and as such this security guidance document is general to all end user devices (EUD) and their deployments to help harness its security capabilities without hindering its functioning ability by ensuring device configuration are set up correctly.

This guidance is to help optimise security functions, allow for greater user responsibility to reduce security complexity, maintaining user experience, logging and audit information and enable greater interoperability of IT systems.

Published 01/01/2018

Authoring body: National Cyber Security Centre (NCSC)

Guidance

Intelligence Management APP

Intelligence is information collected and gathered for the purpose of taking action. This process is continuous and critical to effective policing operations that allow for tactical options and prioritisation. Such intelligence can sometimes be classified as confidential or sensitive.

A Code of Practice has been issued by the secretary of state to develop a national intelligence model (NIM), which sets out principles and standards for chief officer and police and crime commissioners to adhere. Ensures the results of the standards are systematic for continuous progress and also helps promote compatibility of procedures and terminology for the (NIM) as well as monitor and evaluate the promulgation of good practice.

The code of the practice came into effect in January 2005.

Published 28/05/2019

Authoring body: College of Policing (CoP)

Guidance

Setup Government Email Services Securely

All public services sending emails out on behalf of government organisations must follow all protocols, processes and guidelines to ensure that they secure their email service. This includes:

the service providing users with mailbox access
internal relays and gateways
email filtering services
third party services that send email on your behalf, like transactional email services

Key configurations are needed to ensure you email services run smoothly:

Transport Layer Security (TLS)
DomainKeys Identified Mail (DKIM)
Domain-based Message Authentication, Reporting & Conformance (DMARC)
Public Domain Name System (DNS)
Ability to make administrative changes

If there are any changes made to your email security, ensure that you communicate such changes to all staff in your organisation.

Published 01/01/2020

Authoring body: Government Digital Services (GDS)

Guidance

Securing Government Email

This guidance applies to all email domains that public sector organisations run on the internet. It also helps ensures that public sector organisations exchanges email securely with other public sector organisations. Protecting emails in transit makes it difficult for domains to be spoofed.

All public sector emails must be kept secure by:

encrypting and authenticating email in transit by supporting Transport Layer Security (TLS) and Domain-based Message Authentication, Reporting and Conformance (DMARC) as a minimum
making sure the recipient protects the data you send to them
making email security invisible to end users as far as practically possible

Encryption and authentication only work if both the sender and the recipient use them.

The Government Digital Service recommends protecting email by:

forcing TLS when sending to .gov.uk
forcing TLS when sending to any other domains that supports it if the local risk profile requires it
using extra encryption services if needs be

Published 01/01/2019

Authoring body: Government Digital Service (GDS)

Guidance

Showing 81 to 85 of 204 entries.

Previous Page
Page1
Intermediate Pages
- Page2
- Page3
- Page4
- Page5
- Page6
- Page7
- Page8
- Page9
- Page10
- Page11
- Page12
- Page13
- Page14
- Page15
Page16
Page17
Page18
Intermediate Pages
- Page19
- Page20
- Page21
- Page22
- Page23
- Page24
- Page25
- Page26
- Page27
- Page28
- Page29
- Page30
- Page31
- Page32
- Page33
- Page34
- Page35
- Page36
- Page37
- Page38
Page41
Next Page

Police Digital Service National Standards

Search - National Standard Microsite

Securing Technology at OFFICIAL

End User Device (EUD) Security Guidance 2

Intelligence Management APP

Setup Government Email Services Securely

Securing Government Email

Knowledge Hub

Quick links

Partners

Contact us