The new security guidance covers BlackBerry 10.2.1, Android 4.4 and Chrome OS is designed to help public sector security architects, system administrators and individual public sector workers as they deploy and use new devices at the 'official' level, the lowest level of security clearance used in government.
The guidance from CESG — part of surveillance agency GCHQ — provides configuration advice for devices, and aims to "take a balanced approach between security and usability for remote or mobile working devices" by helping to reduce common risks to an organisation's information while still providing flexibility and ease of use.
CESG said that the guidance does not mean the operating systems are approved or endorsed by CESG – rather, it is aiming to help organisations to understand and manage the issues associated with the different devices as part of their standard risk management processes.
The new advice builds on the Cabinet Office's End User Device Security Framework, providing detail as to how the BlackBerry and Google OSes can be configured to achieve the security recommendations contained in the Framework.
The guidance contains advice on system architectures; details of particular configuration choices for each platform; and notes particular security risks and issues that organisations need to be aware of.
To help public sector organisations to reuse devices more securely, CESG has new draft guidance on resetting devices. It said minor updates have also been published this week for the guidance on iOS 7, Windows 7 and Windows 8.1. Samsung Knox guidance was published in May.