Guidance to help you assess the security of voice, video and messaging communication services.
Our blog introduces this guidance.
The guidance is an alpha release that we'd like to share with the community for comment. We welcome any feedback, especially from vendors of communication services, that could help the NCSC improve and finalise the secure communication principles. You can create an issue or e-mail us on scpfeedback@ncsc.gov.uk.
Modern technology provides a wealth of options for communicating in the workplace, which now includes voice, email, group messaging, and video.
This guidance contains a set of principles that can help all organisations make sound security decisions when selecting the products and services that provide secure communications. It is aimed at risk owners and security professionals who wish to assess communication technologies for their organisations, to help them achieve the right balance of functionality, security and privacy.
It is of particular relevance for those working in government and the public sector.
- Protect data in transit
- Protect network nodes with access to sensitive data
- Protect user access to the service
- Ensure secure audit of communications is provided
- Allow administrators to securely manage users and systems
- Use metadata only for its necessary purpose
- Assess supply chain for trust and resilience