BladeSec IA Logo

Company Information

Introduction
Company principles
> Certifications and qualifications
Why choose BladeSec IA?
News and comment <

Products and Services

Typical work
Engaging us
Specific highlights

Travel Advice

More

Contact us
Privacy statement
Terms and conditions
Environment statement
Equality and diversity statement
 

Archived news and comment from 2012.

Please note: Because this is an archive of articles published on the BladeSec IA website in 2012, not all links may work.

News: 2012/12/23 - The End of the World
BladeSec IA are pleased to announce that despite the Mayan prophecies and all the doom-mongering, The World did not end and The Sun did indeed rise this morning.

Once again, BladeSec IA are delighted to reveal that they provided the business continuity and disaster recovery consultancy to "The World" to ensure the safe and continued operation of "The Sun" and all life support and management systems.

Merry Christmas!

Comment: 2012/11/12 - Apple iOS 6 and Restricted
As I predicted, the general IT press are reporting (or hinting strongly) that Apple's latest iOS6 is good for HMG Restricted information. This follows revised guidance being issued by the National Technical Authority for Information Assurance, CESG.

Whilst Apple have made significant improvements to iOS6 (and undoubtedly will continue to do so), it strikes me that any organisation that adopts iOS for Restricted needs to be fairly open to risk. The official evaluation lists a number of residual risks, some of which I consider to be quite significant. There are other issues relating to the management of the device that could have a security knock-on effect too.

I suspect that Apple will probably nail it in the next release, however it still remains a concern that they have had their FIPS140 evaluation sitting at "Review Pending" for almost 2 years.

News: 2012/10/25 - New IS1 / IS2 Training
Owen Birnie originally wrote an acclaimed training course for his previous employer that covered Risk Assessments, RMADS and Accreditation. His development of it pre-dated CESG's now mandatory requirement to license their material. BladeSec IA have entered into discussions with a view to once again being able to provide similar accredited and licensed training courses. More in the next month or so.

News: 2012/10/24 - CESG Press Release
BladeSec IA are proud to be involved in this.

Comment: 2012/09/17 - IAP End point
At long last I have an IAP end point. It's taken a while and required an entirely new laptop (because I was unable to ascertain if and how the TPM had ever been activated on my original laptop) and a new version of Windows 7 Ultimate, Service Pack 1 amongst other things. A great deal of help came from an individual with a huge expertise in BitLocker (Thanks to A.S.) but I'm proud of the fact that I managed to solve the disk configuration issue first. All in all, I actually found it a valuable experience. All too often CLAS Consultants say "BeCrypt Disk Protect Baseline" without understanding the options. What about BitLocker? What about PGP? What about TrueCrypt? What are the benefits? What are the risks?