We’ve just updated our Application development guidance.
In addition to the existing Android and Apple iOS guidance, we’re pleased to announce that we’ve added a new section for the Windows platform. If you’re looking to create your own bespoke applications, or going to use third party applications, these documents will explain key security principles that will provide you with more confidence about the security of the product.
The development aspect concentrates on technical details, covering topics such as (for example) how to secure the data on the device and data in transit.
The procurement section includes a set of suggested questions that you can ask when purchasing a third party application, and examples of sensible corresponding responses you should expect. Their answers will help you gain more (or less) confidence about the security of their products.
For each platform, we’ve also provided guidance to help you securely deploy the application, should it be from a third party organisation, or via an in-house application.
As with all our guidance, we really appreciate any feedback you have, about the content or the layout (or anything else). You can get in touch using the Contact Us page, or use the comments below.
Tom W
EUD Security Researcher
Source: National Cyber Security Centre
