{"id":19952032,"url":"https://github.com/studio24/security-principles","last_synced_at":"2026-03-19T12:44:17.732Z","repository":{"id":72851438,"uuid":"564744392","full_name":"studio24/security-principles","owner":"studio24","description":"An overview of security principles we follow at Studio 24","archived":false,"fork":false,"pushed_at":"2023-01-25T14:33:14.000Z","size":56,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-25T18:04:52.148Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc-by-sa-4.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/studio24.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":"audit-information-and-alerting.md","citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":"governance-framework.md","roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-11-11T11:53:44.000Z","updated_at":"2023-01-25T15:42:29.000Z","dependencies_parsed_at":null,"dependency_job_id":"e9692e39-bc7b-4591-a33a-03abfc075f15","html_url":"https://github.com/studio24/security-principles","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/studio24%2Fsecurity-principles","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/studio24%2Fsecurity-principles/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/studio24%2Fsecurity-principles/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/studio24%2Fsecurity-principles/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/studio24","download_url":"https://codeload.github.com/studio24/security-principles/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241381646,"owners_count":19953751,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-13T01:11:17.275Z","updated_at":"2026-02-26T03:56:23.944Z","avatar_url":"https://github.com/studio24.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Security principles\n\nWe take security seriously at Studio 24. Our security principles are detailed here. These principles are approved by Simon Jones, Managing Director.\n\nWe follow the National Cyber Security Centre (NCSC) [cloud security principles](https://www.ncsc.gov.uk/collection/cloud/the-cloud-security-principles).\n\n## Accreditation\nStudio 24 is [Cyber Essentials Plus](https://www.ncsc.gov.uk/cyberessentials/overview) accredited.\n\n* [Cyber Essentials Plus](https://registry.blockmarktech.com/certificates/7236b381-e563-41ee-a078-109101c5c6e7/), Certificate ID 7236b381-e563-41ee-a078-109101c5c6e7, expires 27/01/2027\n* [Cyber Essentials](https://registry.blockmarktech.com/certificates/ddcbfcd8-ffc6-4ed7-a788-ac27e7deabe5/), Certificate ID ddcbfcd8-ffc6-4ed7-a788-ac27e7deabe5, expires 31/10/2026 \n \n## Contents\n\n* Introduction (this page)\n* [Secure development](secure-development.md)\n* [Supported versions](supported-versions.md)\n* [Data privacy and GDPR](data-privacy.md)\n* [Data breaches](data-breaches.md)\n* [Email security](email-security.md)\n\n### NCSC cloud security principles\n\n* [Data in transit protection](data-in-transit-protection.md)\n* [Asset protection and resilience](asset-protection-and-resilience.md)\n* [Separation between customers](separation-between-customers.md)\n* [Governance framework](governance-framework.md)\n* [Operational security](operational-security.md)\n* [Personnel security](personnel-security.md)\n* [Secure development](secure-development.md)\n* [Supply chain security](supply-chain-security.md)\n* [Secure user management](secure-user-management.md)\n* [Identity and authentication](identity-and-authentication.md)\n* [External interface protection](external-interface-protection.md)\n* [Secure service administration](secure-service-administration.md)\n* [Audit information and alerting](audit-information-and-alerting.md)\n* [Secure use of service](secure-use-of-service.md)\n\n## Contributing\n\nAny Studio 24 staff member can contribute to this repo. Just create a branch, make your changes and create a Pull Request (PR) to merge changes into the main branch. All changes to the main branch require approval from Simon.\n\nWe maintain a [changelog](CHANGELOG.md) for this project.\n\n## About Us\n\n[Studio 24](https://www.studio24.net) is a human-centred digital agency based in Cambridge, UK, servicing clients across the UK, USA and Europe. \n\n## License\n\n![Creative Commons license](https://i.creativecommons.org/l/by-sa/4.0/88x31.png)\n\nThis work is licensed under a [Creative Commons Attribution-ShareAlike 4.0 International License](https://creativecommons.org/licenses/by-sa/4.0/).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstudio24%2Fsecurity-principles","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstudio24%2Fsecurity-principles","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstudio24%2Fsecurity-principles/lists"}