Make things secure

Keep systems and data safe with the appropriate level of security.

To meet point 6 of the Technology Code of Practice your plan or design must show how you are securing data and systems.

You’ll have to explain how you’re doing this as part of the spend control process.

Build security in from the start of your project or programme

Include security at the start of the project. Have your team involved in making each element secure instead of your security experts adding technical countermeasures to a finished product.

Training users and having clear processes are important for security, as is doing realistic threat assessments and taking a balanced approach to managing risk.

Plan how to deny, and quickly recover from, malicious access. Make sure you have processes in place to record information about any attacks and use this data to improve defences.

How to secure your technology

Choose the appropriate level of security for your technology project or programme. Consider the risks and have processes in place to mitigate against them and improve time to recovery.

You can protect your data and infrastructure by:

You can find further information on the following security topics in the technology security guidance list:

  • cloud security
  • cyber security
  • addressing cyber attacks and fraud
  • securing data and consent
  • digital service security
  • email security
  • passwords
  • phishing
Published 6 November 2017