Back in 2014 we held an unconference aimed at creating a conversation between technologists across government. The event, dubbed StackTech, turned out to be a big success and led to discussions still going on today, like how to improve reuse …
Traditional security processes and ‘security says no’ can often seem to block progress in agile environments but there are ways to build software securely without compromising agility. It’s all about ensuring security is built into your development best practices so …
We recently ran a one-day workshop on web security for technologists at the Government Digital Service (GDS). Security is a topic where lots of people lack confidence in their skills so we thought it was a valuable area to focus …
I spoke recently at the Business Reporter’s Data Security in the Cloud event about how security has changed to face the reality of the modern internet era. The old world of assurance and compliance and ‘security says no’ won't cut …
Back in 2012, GDS released some security guidelines for government services. Although we’re aware individual services have continually upgraded their own security practices, we’re now updating the guidelines to improve how we secure government services overall. We’ll be making 2 …
The GOV.UK team recently had a firebreak to repay some technical debt, experiment with things we might not otherwise have the chance to, and prepare for how we're going to iterate the site in 2015. I looked at implementing Content Security Policy …
GOV.UK