SlideShare ist ein Scribd-Unternehmen logo

UK Gov Report Summary

- Mark - Fullbright
- Mark - Fullbright

Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.

BildungTechnologie
1 von 7
Downloaden Sie, um offline zu lesen
UK Gov Security Assessment puts Ubuntu in First Place CESG, the security arm of the UK government that assesses operating systems and software, has published its findings for all ‘End User Device’ operating systems (OSs). Based at GCHQ, they included OSs for laptops and mobile devices in their assessment, and for uses designated at “OFFICIAL” level in accordance with UK Government Security Classification Policy. This is roughly equivalent to a standard set of best practice security features. Any enterprise would be interested in implementing these to make sure that information is not leaked from their organisation. The security assessment included the following categories: ● ● ● ● ● ● ● ● ● ● ● ● VPN Disk Encryption Authentication Secure Boot Platform Integrity and Application Sandboxing Application Whitelisting Malicious Code Detection and Prevention Security Policy Enforcement External Interface Protection Device Update Policy Event Collection for Enterprise Analysis Incident Response No currently available operating system can meet all of these requirements. Ubuntu however, scores the highest in a direct comparison. A summary of the assessment is shown below:
Sections that were considered as having a “Significant Risk” are marked below as a red box; sections that have some notes about risks to be aware of are marked in orange; sections that passed the assessment are marked in green. Android 4.2 [1] VPN Disk Encrypti on Authenti cation Secure Boot Platfor m Integrity & Applicati on Sandbox Samsung Devices with Android 4.2[2] Apple iOS 6[3] Apple OSX 10.8 [4] Blackber ry 10.1 (EMM Corporat e) [5] Blackber ry 10.1 (EMM Regulate d) [6] Google Chrome OS 26 [7] Ubuntu 12.04 [8] Window s 7 and 8 [9] Window s 8 RT [10] Window s Phone 8 [11]
ing Applicati on Whitelis ting Maliciou s Code Detectio n and Preventi on Security Policy Enforce ment External Interfac e Protecti on Device Update Policy Event Collectio n for Enterpri
-se Analysis Incident Respons e GREEN 5 9 7 8 5 9 8 9 8 7 7 ORANGE 6 2 4 4 6 2 3 3 4 4 3 RED 1 1 1 0 1 1 1 0 0 1 2 As you can see from the table the only OS that passes as many as 9 requirements without any “Significant Risks” as independently assessed by CESG is Ubuntu 12.04 LTS. So, what about the 3 sections that have comments: VPN, Disk Encryption and Secure Boot? VPN The comments made by CESG were that “The built-in VPN has not been independently assured to Foundation Grade.” This means that the software does meet all the technical requirements of security to pass the assessment, but that the software itself has not been independently assessed to make sure that it hasn’t been tampered with during the development process. You can also see from the comments made on each detailed assessment that nobody meets this requirement fully at this time. The best you can hope for is technical compliance with independent assessment pending, which is the case for Ubuntu 12.04 or independent assessment complete but missing technical features, like Windows 8, for example. The independent assessment work for Ubuntu is being carried out by a partner and we expect CESG to provide additional guidance for meeting this requirement fully, in due course. We expect that this will be also available in time for the upcoming release of Ubuntu
14.04 LTS and if so we expect to fully meet this requirement in this release. Disk Encryption Disk encryption is a similar case to the VPN assessment. For Ubuntu 12.04, CESG states: “LUKS and dm-crypt have not been independently assured to Foundation Grade.” LUKS and dm-crypt are used on Ubuntu to encrypt the data on the hard disk and to decrypt the data when starting up, by requesting a password from the user. Without the password, the computer cannot start the operating system or access any of the data. The technical requirements are all met, but the software has not been through an independent assessment to prove that it has not been tampered with in development. So, the independent assessment still needs to be done for LUKS and dm-crypt on Ubuntu to pass this requirement. However, every other operating system on the list has also yet to pass an independent assessment, but Ubuntu meets all the technical requirements already and we just need a sponsor to put the software through the assessment process. Secure Boot Secure boot is a Microsoft technology invented in co-operation with OEMs to ensure that software cannot be tampered with after the hardware has been shipped from the factory. It has provoked much debate in security circles, as the ability to install any software which you can control is desirable from a security perspective. The German government recently criticised secure boot [12] as preventing installation of specialised secure operating systems after sale of hardware. Ubuntu’s response, from Ubuntu 12.10 onwards is to adopt Grub2 as the default bootloader, with support for Secure Boot, but with an ability to turn off secure boot to modify the OS, if required. This is explained in John Melamut’s blog post here [13]. We believe this
gives users and enterprises the best compromise between security and ability to customise after sale. Summary All in all Ubuntu 12.04 LTS stacks up as the most secure of the current desktop and mobile operating systems. Supported by Canonical with free security updates for 5 years, and without malware problems, it’s hard to beat in official public sector applications. We are working hard to close the gap and make Ubuntu clearly stand out as the most trustworthy operating system for the future and we hope to make excellent progress before our next LTS release in April 2014, 14.04 LTS, which will be even better. Darryl Weaver Sales Engineer, EMEA, Canonical Further Reading The original CESG guidance is available to read here: https://www.gov.uk/government/collections/end-user-devices-security-guidance--2 References [1] https://www.gov.uk/government/publications/end-user-devices-security-guidance-android-42 [2] https://www.gov.uk/government/publications/end-user-devices-security-guidance-samsung-devices-with-android-42 [3] https://www.gov.uk/government/publications/end-user-devices-security-guidance-apple-ios-6 [4] https://www.gov.uk/government/publications/end-user-devices-security-guidance-apple-os-x-108 [5] https://www.gov.uk/government/publications/end-user-devices-security-guidance-blackberry-101-emm-corporate [6] https://www.gov.uk/government/publications/end-user-devices-security-guidance-blackberry-101-emm-regulated [7] https://www.gov.uk/government/publications/end-user-devices-security-guidance-google-chrome-os-26 [8] https://www.gov.uk/government/publications/end-user-devices-security-guidance-ubuntu-1204 [9] https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-7-and-windows-8 [10] https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-8-rt [11] https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-phone-8 [12] http://www.bmi.bund.de/SharedDocs/Downloads/DE/Themen/OED_Verwaltung/Informationsgesellschaft/trusted_computing_eng.html
[13] http://blog.canonical.com/2012/09/20/quetzal-is-taking-flight-update-on-ubuntu-secure-boot-plans/

Empfohlen

Windows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password resetWindows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password resetPassreset
 
Samsung beyond basic android online 0
Samsung beyond basic android online 0Samsung beyond basic android online 0
Samsung beyond basic android online 0Javier Gonzalez
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security EnhancementsPresentologics
 
Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)José Ferreiro
 
Astaro Orange Paper Oss Myths Dispelled
Astaro Orange Paper Oss Myths DispelledAstaro Orange Paper Oss Myths Dispelled
Astaro Orange Paper Oss Myths Dispelledlosalamos
 
Overview of asp .net
Overview of asp .netOverview of asp .net
Overview of asp .netSajan Sahu
 
Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...
Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...
Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...North Star. Inc.
 
An overview of the samsung knox platform v1 14
An overview of the samsung knox platform v1 14An overview of the samsung knox platform v1 14
An overview of the samsung knox platform v1 14Javier Gonzalez
 

Empfohlen

Windows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password resetWindows 7 Security--Windows 7 password reset
Windows 7 Security--Windows 7 password resetPassreset
 
Samsung beyond basic android online 0
Samsung beyond basic android online 0Samsung beyond basic android online 0
Samsung beyond basic android online 0Javier Gonzalez
 
Windows 7 Security Enhancements
Windows 7 Security EnhancementsWindows 7 Security Enhancements
Windows 7 Security EnhancementsPresentologics
 
Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)Security Lock Down Your Computer Like the National Security Agency (NSA)
Security Lock Down Your Computer Like the National Security Agency (NSA)José Ferreiro
 
Astaro Orange Paper Oss Myths Dispelled
Astaro Orange Paper Oss Myths DispelledAstaro Orange Paper Oss Myths Dispelled
Astaro Orange Paper Oss Myths Dispelledlosalamos
 
Overview of asp .net
Overview of asp .netOverview of asp .net
Overview of asp .netSajan Sahu
 
Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...
Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...
Discover the 5 New Windows 8 Security Features You Should Know - by Denver IT...North Star. Inc.
 
An overview of the samsung knox platform v1 14
An overview of the samsung knox platform v1 14An overview of the samsung knox platform v1 14
An overview of the samsung knox platform v1 14Javier Gonzalez
 
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesAmit Kumbhar
 
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOUR
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOURPR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOUR
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOURKurtis Armour
 
December Patch Tuesday 2020
December Patch Tuesday 2020December Patch Tuesday 2020
December Patch Tuesday 2020Ivanti
 
Android Security
Android SecurityAndroid Security
Android SecurityLars Jacobs
 
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...qqlan
 
checkpoint
checkpointcheckpoint
checkpointMayank Dhingra
 
Black Duck & IBM Present: Application Security in the Age of Open Source
Black Duck & IBM Present: Application Security in the Age of Open SourceBlack Duck & IBM Present: Application Security in the Age of Open Source
Black Duck & IBM Present: Application Security in the Age of Open SourceBlack Duck by Synopsys
 
Top 10 antiviruses
Top 10 antivirusesTop 10 antiviruses
Top 10 antivirusesuniversity of education,Lahore
 
Android security
Android securityAndroid security
Android securityMidhun P Gopi
 
Alimentate sanamente
Alimentate sanamenteAlimentate sanamente
Alimentate sanamentePaulina Bustillos Arrieta
 
Power Point activitat centrada en docent.tmateo
Power Point activitat centrada en docent.tmateoPower Point activitat centrada en docent.tmateo
Power Point activitat centrada en docent.tmateoThaïs Díez
 
"Outsourcing Best Practices" Conference. Speaker Diploma
"Outsourcing Best Practices" Conference. Speaker Diploma "Outsourcing Best Practices" Conference. Speaker Diploma
"Outsourcing Best Practices" Conference. Speaker Diploma Сергей Булавский
 
EXPOSICION 4
EXPOSICION 4EXPOSICION 4
EXPOSICION 4lolvezaldivar
 
Il csm, finalmente, si incazza sul serio
Il csm, finalmente, si incazza sul serioIl csm, finalmente, si incazza sul serio
Il csm, finalmente, si incazza sul serioCarlo Favaretti
 
PRASHANTH_M77[1]
PRASHANTH_M77[1]PRASHANTH_M77[1]
PRASHANTH_M77[1]Prashanth Mani
 
Fit 2015 flyer.pdf
Fit 2015 flyer.pdfFit 2015 flyer.pdf
Fit 2015 flyer.pdfRandibeth Gallant
 
Acotax Trademark Certificate
Acotax Trademark CertificateAcotax Trademark Certificate
Acotax Trademark CertificateСергей Булавский
 
Hojita evangelio domingo la sagrada familia c serie
Hojita evangelio domingo la sagrada familia c serieHojita evangelio domingo la sagrada familia c serie
Hojita evangelio domingo la sagrada familia c serieNelson Gómez
 
Typo3 Neos - Introduction - WebMardi - Lausanne
Typo3 Neos - Introduction - WebMardi - LausanneTypo3 Neos - Introduction - WebMardi - Lausanne
Typo3 Neos - Introduction - WebMardi - Lausannedfeyer
 
Portfolio E. Keenan
Portfolio E. KeenanPortfolio E. Keenan
Portfolio E. KeenanErica Keenan
 
Domingo iv to ciclo b bn
Domingo iv to ciclo b bnDomingo iv to ciclo b bn
Domingo iv to ciclo b bnNelson Gómez
 
cv new chris palmer elec july2015
cv new chris palmer elec july2015cv new chris palmer elec july2015
cv new chris palmer elec july2015Chris Palmer
 

Weitere ähnliche Inhalte

Was ist angesagt?

Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesAmit Kumbhar
 
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOUR
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOURPR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOUR
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOURKurtis Armour
 
December Patch Tuesday 2020
December Patch Tuesday 2020December Patch Tuesday 2020
December Patch Tuesday 2020Ivanti
 
Android Security
Android SecurityAndroid Security
Android SecurityLars Jacobs
 
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...qqlan
 
Black Duck & IBM Present: Application Security in the Age of Open Source
Black Duck & IBM Present: Application Security in the Age of Open SourceBlack Duck & IBM Present: Application Security in the Age of Open Source
Black Duck & IBM Present: Application Security in the Age of Open SourceBlack Duck by Synopsys
 

Was ist angesagt? (9)

Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
 
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOUR
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOURPR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOUR
PR21-Preventing-File-Based-Botnet-Growth-and-Persistence-ARMOUR
 
December Patch Tuesday 2020
December Patch Tuesday 2020December Patch Tuesday 2020
December Patch Tuesday 2020
 
Android Security
Android SecurityAndroid Security
Android Security
 
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...
G. Gritsai, A. Timorin, Y. Goltsev, R. Ilin, S. Gordeychik, and A. Karpin, “S...
 
checkpoint
checkpointcheckpoint
checkpoint
 
Black Duck & IBM Present: Application Security in the Age of Open Source
Black Duck & IBM Present: Application Security in the Age of Open SourceBlack Duck & IBM Present: Application Security in the Age of Open Source
Black Duck & IBM Present: Application Security in the Age of Open Source
 
Top 10 antiviruses
Top 10 antivirusesTop 10 antiviruses
Top 10 antiviruses
 
Android security
Android securityAndroid security
Android security
 

Andere mochten auch

Power Point activitat centrada en docent.tmateo
Power Point activitat centrada en docent.tmateoPower Point activitat centrada en docent.tmateo
Power Point activitat centrada en docent.tmateoThaïs Díez
 
"Outsourcing Best Practices" Conference. Speaker Diploma
"Outsourcing Best Practices" Conference. Speaker Diploma "Outsourcing Best Practices" Conference. Speaker Diploma
"Outsourcing Best Practices" Conference. Speaker Diploma Сергей Булавский
 
Il csm, finalmente, si incazza sul serio
Il csm, finalmente, si incazza sul serioIl csm, finalmente, si incazza sul serio
Il csm, finalmente, si incazza sul serioCarlo Favaretti
 
Hojita evangelio domingo la sagrada familia c serie
Hojita evangelio domingo la sagrada familia c serieHojita evangelio domingo la sagrada familia c serie
Hojita evangelio domingo la sagrada familia c serieNelson Gómez
 
Typo3 Neos - Introduction - WebMardi - Lausanne
Typo3 Neos - Introduction - WebMardi - LausanneTypo3 Neos - Introduction - WebMardi - Lausanne
Typo3 Neos - Introduction - WebMardi - Lausannedfeyer
 
Portfolio E. Keenan
Portfolio E. KeenanPortfolio E. Keenan
Portfolio E. KeenanErica Keenan
 
Domingo iv to ciclo b bn
Domingo iv to ciclo b bnDomingo iv to ciclo b bn
Domingo iv to ciclo b bnNelson Gómez
 
cv new chris palmer elec july2015
cv new chris palmer elec july2015cv new chris palmer elec july2015
cv new chris palmer elec july2015Chris Palmer
 
Lysistrata Poster 2015
Lysistrata Poster 2015Lysistrata Poster 2015
Lysistrata Poster 2015Alyssa Steen
 
Moving bed biofilm reactor for denitrification corey
Moving bed biofilm reactor for denitrification coreyMoving bed biofilm reactor for denitrification corey
Moving bed biofilm reactor for denitrification coreymayurshinde1987
 

Andere mochten auch (17)

Alimentate sanamente
Alimentate sanamenteAlimentate sanamente
Alimentate sanamente
 
Power Point activitat centrada en docent.tmateo
Power Point activitat centrada en docent.tmateoPower Point activitat centrada en docent.tmateo
Power Point activitat centrada en docent.tmateo
 
"Outsourcing Best Practices" Conference. Speaker Diploma
"Outsourcing Best Practices" Conference. Speaker Diploma "Outsourcing Best Practices" Conference. Speaker Diploma
"Outsourcing Best Practices" Conference. Speaker Diploma
 
EXPOSICION 4
EXPOSICION 4EXPOSICION 4
EXPOSICION 4
 
Il csm, finalmente, si incazza sul serio
Il csm, finalmente, si incazza sul serioIl csm, finalmente, si incazza sul serio
Il csm, finalmente, si incazza sul serio
 
PRASHANTH_M77[1]
PRASHANTH_M77[1]PRASHANTH_M77[1]
PRASHANTH_M77[1]
 
Fit 2015 flyer.pdf
Fit 2015 flyer.pdfFit 2015 flyer.pdf
Fit 2015 flyer.pdf
 
Acotax Trademark Certificate
Acotax Trademark CertificateAcotax Trademark Certificate
Acotax Trademark Certificate
 
Hojita evangelio domingo la sagrada familia c serie
Hojita evangelio domingo la sagrada familia c serieHojita evangelio domingo la sagrada familia c serie
Hojita evangelio domingo la sagrada familia c serie
 
Typo3 Neos - Introduction - WebMardi - Lausanne
Typo3 Neos - Introduction - WebMardi - LausanneTypo3 Neos - Introduction - WebMardi - Lausanne
Typo3 Neos - Introduction - WebMardi - Lausanne
 
Portfolio E. Keenan
Portfolio E. KeenanPortfolio E. Keenan
Portfolio E. Keenan
 
Domingo iv to ciclo b bn
Domingo iv to ciclo b bnDomingo iv to ciclo b bn
Domingo iv to ciclo b bn
 
cv new chris palmer elec july2015
cv new chris palmer elec july2015cv new chris palmer elec july2015
cv new chris palmer elec july2015
 
Lysistrata Poster 2015
Lysistrata Poster 2015Lysistrata Poster 2015
Lysistrata Poster 2015
 
PMMC Certificate - Sergey Bulavsky
PMMC Certificate - Sergey BulavskyPMMC Certificate - Sergey Bulavsky
PMMC Certificate - Sergey Bulavsky
 
Ley de Contrataciones Públicas
Ley de Contrataciones PúblicasLey de Contrataciones Públicas
Ley de Contrataciones Públicas
 
Moving bed biofilm reactor for denitrification corey
Moving bed biofilm reactor for denitrification coreyMoving bed biofilm reactor for denitrification corey
Moving bed biofilm reactor for denitrification corey
 

Ähnlich wie UK Gov Report Summary

How BlackBerry Brings Android Security To Your Enterprise: White Paper
How BlackBerry Brings Android Security To Your Enterprise: White PaperHow BlackBerry Brings Android Security To Your Enterprise: White Paper
How BlackBerry Brings Android Security To Your Enterprise: White PaperBlackBerry
 
Android Security Maximized by Samsung KNOX
Android Security Maximized by Samsung KNOXAndroid Security Maximized by Samsung KNOX
Android Security Maximized by Samsung KNOXSamsung Biz Mobile
 
CodeMotion tel aviv 2015 - burning marshmallows
CodeMotion tel aviv 2015 - burning marshmallowsCodeMotion tel aviv 2015 - burning marshmallows
CodeMotion tel aviv 2015 - burning marshmallowsRon Munitz
 
Tres formas de modernizar la TI del dispositivo y mejorar la productividad
Tres formas de modernizar la TI del dispositivo y mejorar la productividadTres formas de modernizar la TI del dispositivo y mejorar la productividad
Tres formas de modernizar la TI del dispositivo y mejorar la productividadCade Soluciones
 
u10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji Jacobu10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji JacobBeji Jacob
 
ENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERY
ENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERYENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERY
ENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERYijseajournal
 
Sa No Scan Paper
Sa No Scan PaperSa No Scan Paper
Sa No Scan Papertafinley
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeLOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeYusuf Hadiwinata Sutandar
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsAshley Zupkus
 
Discussing Windows® XP End of Support with Management: 5 Key Factors
Discussing Windows® XP End of Support with Management: 5 Key FactorsDiscussing Windows® XP End of Support with Management: 5 Key Factors
Discussing Windows® XP End of Support with Management: 5 Key FactorsLenovo Business
 
The Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdfThe Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdfSavinder Puri
 
CoreTrace Whitepaper: Application Whitelisting And Energy Systems
CoreTrace Whitepaper: Application Whitelisting And Energy SystemsCoreTrace Whitepaper: Application Whitelisting And Energy Systems
CoreTrace Whitepaper: Application Whitelisting And Energy SystemsCoreTrace Corporation
 
Secure Trustworthy Enterprise
Secure Trustworthy EnterpriseSecure Trustworthy Enterprise
Secure Trustworthy EnterpriseDMIMarketing
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1bora.gungoren
 
Arch overview
Arch overviewArch overview
Arch overviewmaojunjie
 
Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...LibreCon
 
Auditing the Workstation Domain for Compliance.docx
Auditing the Workstation Domain for Compliance.docxAuditing the Workstation Domain for Compliance.docx
Auditing the Workstation Domain for Compliance.docxwrite12
 

Ähnlich wie UK Gov Report Summary (20)

How BlackBerry Brings Android Security To Your Enterprise: White Paper
How BlackBerry Brings Android Security To Your Enterprise: White PaperHow BlackBerry Brings Android Security To Your Enterprise: White Paper
How BlackBerry Brings Android Security To Your Enterprise: White Paper
 
Android Security Maximized by Samsung KNOX
Android Security Maximized by Samsung KNOXAndroid Security Maximized by Samsung KNOX
Android Security Maximized by Samsung KNOX
 
CodeMotion tel aviv 2015 - burning marshmallows
CodeMotion tel aviv 2015 - burning marshmallowsCodeMotion tel aviv 2015 - burning marshmallows
CodeMotion tel aviv 2015 - burning marshmallows
 
Tres formas de modernizar la TI del dispositivo y mejorar la productividad
Tres formas de modernizar la TI del dispositivo y mejorar la productividadTres formas de modernizar la TI del dispositivo y mejorar la productividad
Tres formas de modernizar la TI del dispositivo y mejorar la productividad
 
u10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji Jacobu10a1 Security Plan-Beji Jacob
u10a1 Security Plan-Beji Jacob
 
ENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERY
ENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERYENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERY
ENHANCED SOFTWARE DESIGN FOR BOOSTED CONTINUOUS SOFTWARE DELIVERY
 
Sa No Scan Paper
Sa No Scan PaperSa No Scan Paper
Sa No Scan Paper
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPracticeLOUCA23 Yusuf Hadiwinata Linux Security BestPractice
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
 
Proving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEsProving the Security of Low-Level Software Components & TEEs
Proving the Security of Low-Level Software Components & TEEs
 
Discussing Windows® XP End of Support with Management: 5 Key Factors
Discussing Windows® XP End of Support with Management: 5 Key FactorsDiscussing Windows® XP End of Support with Management: 5 Key Factors
Discussing Windows® XP End of Support with Management: 5 Key Factors
 
Avc prot 2012b_en
Avc prot 2012b_enAvc prot 2012b_en
Avc prot 2012b_en
 
What Linux is what you should also have on your computer.
What Linux is what you should also have on your computer.What Linux is what you should also have on your computer.
What Linux is what you should also have on your computer.
 
The Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdfThe Challenge of Integrating Security Solutions with CI.pdf
The Challenge of Integrating Security Solutions with CI.pdf
 
CoreTrace Whitepaper: Application Whitelisting And Energy Systems
CoreTrace Whitepaper: Application Whitelisting And Energy SystemsCoreTrace Whitepaper: Application Whitelisting And Energy Systems
CoreTrace Whitepaper: Application Whitelisting And Energy Systems
 
Secure Trustworthy Enterprise
Secure Trustworthy EnterpriseSecure Trustworthy Enterprise
Secure Trustworthy Enterprise
 
Avc prot 2013a_en
Avc prot 2013a_enAvc prot 2013a_en
Avc prot 2013a_en
 
Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1Portakal Teknoloji Otc Lyon Part 1
Portakal Teknoloji Otc Lyon Part 1
 
Arch overview
Arch overviewArch overview
Arch overview
 
Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...Implementing a Security strategy in IoT, Practical example Automotive Grade L...
Implementing a Security strategy in IoT, Practical example Automotive Grade L...
 
Auditing the Workstation Domain for Compliance.docx
Auditing the Workstation Domain for Compliance.docxAuditing the Workstation Domain for Compliance.docx
Auditing the Workstation Domain for Compliance.docx
 

Mehr von - Mark - Fullbright

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019- Mark - Fullbright
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019- Mark - Fullbright
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...- Mark - Fullbright
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 - Mark - Fullbright
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft- Mark - Fullbright
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017- Mark - Fullbright
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business- Mark - Fullbright
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business- Mark - Fullbright
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016- Mark - Fullbright
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015- Mark - Fullbright
 

Mehr von - Mark - Fullbright (20)

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report
 
Police, Protesters, Press, 2020
Police, Protesters, Press, 2020Police, Protesters, Press, 2020
Police, Protesters, Press, 2020
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)
 
FCPA Guidance 2020
FCPA Guidance 2020FCPA Guidance 2020
FCPA Guidance 2020
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
 
2018 IC3 Report
2018 IC3 Report2018 IC3 Report
2018 IC3 Report
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018
 
Credit Score Explainer
Credit Score ExplainerCredit Score Explainer
Credit Score Explainer
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015
 

Kürzlich hochgeladen

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxNikitaBankoti2
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfChris Hunter
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIShubhangi Sonawane
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 

Kürzlich hochgeladen (20)

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 

UK Gov Report Summary

  • 1. UK Gov Security Assessment puts Ubuntu in First Place CESG, the security arm of the UK government that assesses operating systems and software, has published its findings for all ‘End User Device’ operating systems (OSs). Based at GCHQ, they included OSs for laptops and mobile devices in their assessment, and for uses designated at “OFFICIAL” level in accordance with UK Government Security Classification Policy. This is roughly equivalent to a standard set of best practice security features. Any enterprise would be interested in implementing these to make sure that information is not leaked from their organisation. The security assessment included the following categories: ● ● ● ● ● ● ● ● ● ● ● ● VPN Disk Encryption Authentication Secure Boot Platform Integrity and Application Sandboxing Application Whitelisting Malicious Code Detection and Prevention Security Policy Enforcement External Interface Protection Device Update Policy Event Collection for Enterprise Analysis Incident Response No currently available operating system can meet all of these requirements. Ubuntu however, scores the highest in a direct comparison. A summary of the assessment is shown below:
  • 2. Sections that were considered as having a “Significant Risk” are marked below as a red box; sections that have some notes about risks to be aware of are marked in orange; sections that passed the assessment are marked in green. Android 4.2 [1] VPN Disk Encrypti on Authenti cation Secure Boot Platfor m Integrity & Applicati on Sandbox Samsung Devices with Android 4.2[2] Apple iOS 6[3] Apple OSX 10.8 [4] Blackber ry 10.1 (EMM Corporat e) [5] Blackber ry 10.1 (EMM Regulate d) [6] Google Chrome OS 26 [7] Ubuntu 12.04 [8] Window s 7 and 8 [9] Window s 8 RT [10] Window s Phone 8 [11]
  • 4. -se Analysis Incident Respons e GREEN 5 9 7 8 5 9 8 9 8 7 7 ORANGE 6 2 4 4 6 2 3 3 4 4 3 RED 1 1 1 0 1 1 1 0 0 1 2 As you can see from the table the only OS that passes as many as 9 requirements without any “Significant Risks” as independently assessed by CESG is Ubuntu 12.04 LTS. So, what about the 3 sections that have comments: VPN, Disk Encryption and Secure Boot? VPN The comments made by CESG were that “The built-in VPN has not been independently assured to Foundation Grade.” This means that the software does meet all the technical requirements of security to pass the assessment, but that the software itself has not been independently assessed to make sure that it hasn’t been tampered with during the development process. You can also see from the comments made on each detailed assessment that nobody meets this requirement fully at this time. The best you can hope for is technical compliance with independent assessment pending, which is the case for Ubuntu 12.04 or independent assessment complete but missing technical features, like Windows 8, for example. The independent assessment work for Ubuntu is being carried out by a partner and we expect CESG to provide additional guidance for meeting this requirement fully, in due course. We expect that this will be also available in time for the upcoming release of Ubuntu
  • 5. 14.04 LTS and if so we expect to fully meet this requirement in this release. Disk Encryption Disk encryption is a similar case to the VPN assessment. For Ubuntu 12.04, CESG states: “LUKS and dm-crypt have not been independently assured to Foundation Grade.” LUKS and dm-crypt are used on Ubuntu to encrypt the data on the hard disk and to decrypt the data when starting up, by requesting a password from the user. Without the password, the computer cannot start the operating system or access any of the data. The technical requirements are all met, but the software has not been through an independent assessment to prove that it has not been tampered with in development. So, the independent assessment still needs to be done for LUKS and dm-crypt on Ubuntu to pass this requirement. However, every other operating system on the list has also yet to pass an independent assessment, but Ubuntu meets all the technical requirements already and we just need a sponsor to put the software through the assessment process. Secure Boot Secure boot is a Microsoft technology invented in co-operation with OEMs to ensure that software cannot be tampered with after the hardware has been shipped from the factory. It has provoked much debate in security circles, as the ability to install any software which you can control is desirable from a security perspective. The German government recently criticised secure boot [12] as preventing installation of specialised secure operating systems after sale of hardware. Ubuntu’s response, from Ubuntu 12.10 onwards is to adopt Grub2 as the default bootloader, with support for Secure Boot, but with an ability to turn off secure boot to modify the OS, if required. This is explained in John Melamut’s blog post here [13]. We believe this
  • 6. gives users and enterprises the best compromise between security and ability to customise after sale. Summary All in all Ubuntu 12.04 LTS stacks up as the most secure of the current desktop and mobile operating systems. Supported by Canonical with free security updates for 5 years, and without malware problems, it’s hard to beat in official public sector applications. We are working hard to close the gap and make Ubuntu clearly stand out as the most trustworthy operating system for the future and we hope to make excellent progress before our next LTS release in April 2014, 14.04 LTS, which will be even better. Darryl Weaver Sales Engineer, EMEA, Canonical Further Reading The original CESG guidance is available to read here: https://www.gov.uk/government/collections/end-user-devices-security-guidance--2 References [1] https://www.gov.uk/government/publications/end-user-devices-security-guidance-android-42 [2] https://www.gov.uk/government/publications/end-user-devices-security-guidance-samsung-devices-with-android-42 [3] https://www.gov.uk/government/publications/end-user-devices-security-guidance-apple-ios-6 [4] https://www.gov.uk/government/publications/end-user-devices-security-guidance-apple-os-x-108 [5] https://www.gov.uk/government/publications/end-user-devices-security-guidance-blackberry-101-emm-corporate [6] https://www.gov.uk/government/publications/end-user-devices-security-guidance-blackberry-101-emm-regulated [7] https://www.gov.uk/government/publications/end-user-devices-security-guidance-google-chrome-os-26 [8] https://www.gov.uk/government/publications/end-user-devices-security-guidance-ubuntu-1204 [9] https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-7-and-windows-8 [10] https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-8-rt [11] https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-phone-8 [12] http://www.bmi.bund.de/SharedDocs/Downloads/DE/Themen/OED_Verwaltung/Informationsgesellschaft/trusted_computing_eng.html