In June we blogged about work we were doing to update our security guidelines for government digital services. Since then we've been busy working with teams across government to update services ready for the changes. Thank you to the teams …
At GOV.UK Verify we take users’ security very seriously. Online security is constantly changing, and we need to be up to date at all times. We regularly update the service’s frontend to ensure it’s running the most secure and recent …
Back in 2014 we held an unconference aimed at creating a conversation between technologists across government. The event, dubbed StackTech, turned out to be a big success and led to discussions still going on today, like how to improve reuse …
Traditional security processes and ‘security says no’ can often seem to block progress in agile environments but there are ways to build software securely without compromising agility. It’s all about ensuring security is built into your development best practices so …
We recently ran a one-day workshop on web security for technologists at the Government Digital Service (GDS). Security is a topic where lots of people lack confidence in their skills so we thought it was a valuable area to focus …
I spoke recently at the Business Reporter’s Data Security in the Cloud event about how security has changed to face the reality of the modern internet era. The old world of assurance and compliance and ‘security says no’ won't cut …
Back in 2012, GDS released some security guidelines for government services. Although we’re aware individual services have continually upgraded their own security practices, we’re now updating the guidelines to improve how we secure government services overall. We’ll be making 2 …
The GOV.UK team recently had a firebreak to repay some technical debt, experiment with things we might not otherwise have the chance to, and prepare for how we're going to iterate the site in 2015. I looked at implementing Content Security Policy …
GOV.UK