CESG dishes out security advice for Blackberry, Android & Chrome OS

Advice for organisations from the spooks

security key on keyboard

The Communications and Electronics Security Group (CESG) has published security guidance to enable organisations to safely deploy BlackBerry 10.2.1, Android 4.4 and Chrome OS devices.

The information security arm of GCHQ has revised its rules to assist those working in IT departments on how best to rollout and use these mobile operating systems securely.

The updated guidance is available now on Gov.uk and forms part of the Cabinet Office's End User Device Security Framework. It shows how the platforms can be configured to meet security recommendations and details the threats and other security problems for each of them.

It said the advice aims to "take a balanced approach between security and usability for remote or mobile working devices" by helping to reduce common risks to an organisation's information while still providing flexibility and ease of use. 

There is also information on system architectures for deploying the devices. The CESG said the advice was not an endorsement of the platforms and only there to improve the UK's overall cyber security stance. 

"Rather than being an 'approval' or 'endorsement' by CESG of any of these products, this guidance helps organisations to understand and manage the risks associated with the different devices, as part of their normal risk management processes," it said.

It added that each platform's virtual private network (VPN) and encryption efforts should be areas organisations should be aware of and manage appropriately.

It said Chrome OS's VPN "has not been independently assured to Foundation Grade, and does not currently support some of the mandatory requirements expected from assured VPNs."

"The VPN can be disabled by the user and some Google traffic is sent prior to the VPN being established resulting in potential for data leakage onto untrusted networks. Without assurance in the VPN there is a risk that data transiting from the device could be compromised," it added.

It also noted similar problems with Android's VPN as well as pointing out the lack of security of SD cards and non-data partitions. Blackberry OS 10.2's VPN and native data encryption also fell short, according to the CESG. 

Minor updates have also been made to guidance for  iOS 7, Windows 7 and Windows 8.1.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

MacBook Pro owners report MagSafe charging issues
Laptops

MacBook Pro owners report MagSafe charging issues

30 Nov 2021
Apple's mixed reality headset could debut in 2022
augmented reality (AR)

Apple's mixed reality headset could debut in 2022

29 Nov 2021
Apple sues NSO Group over Pegasus attacks on its customers
spyware

Apple sues NSO Group over Pegasus attacks on its customers

24 Nov 2021
UK and US pledge to punish cyber criminals at annual meeting
cyber security

UK and US pledge to punish cyber criminals at annual meeting

19 Nov 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
What is single sign-on (SSO)?
single sign-on (SSO)

What is single sign-on (SSO)?

2 Dec 2021