Here is, the end user devices Security Guidance: Windows 7 and Windows 8 according to the CESG.
Updated 14 October 2013, this guidance captured by Connectikpeople.co, is
applicable to devices running Enterprise versions of Windows 7 and Windows 8,
acting as client operating systems, which include BitLocker Drive Encryption,
AppLocker and Windows VPN features.
Therefore Connectikpeople.co can observe that this guidance was developed
following testing performed on a logo compliant device running Windows 7 SP1
and Windows 8.0 respectively. The guidance for Windows 7 and Windows 8 seems
broadly similar,
and so is combined for simplicity.
Regarding
the usage scenario which includes for example:
- accessing Official email;
- creating, editing, reviewing and commenting on Official documents;
- accessing the Official intranet resources, the internet and other web-resources.
The report recommends the following architectural choices:
- All data should be routed over a secure enterprise VPN to ensure the confidentiality and integrity of the traffic, and to benefit from enterprise protective monitoring solutions.
- Arbitrary third-party application installation by users is not permitted on the device.
- Applications should be authorised by an administrator and deployed via a trusted mechanism.
For more informations, click here or you can also see How the Platform Can Best
Satisfy the Security Recommendations .