https://github.com/studio24/security-principles

An overview of security principles we follow at Studio 24
https://github.com/studio24/security-principles

Last synced: 3 months ago
JSON representation

An overview of security principles we follow at Studio 24

• Host: GitHub
• URL: https://github.com/studio24/security-principles
• Owner: studio24
• License: cc-by-sa-4.0
• Created: 2022-11-11T11:53:44.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2023-01-25T14:33:14.000Z (over 3 years ago)
• Last Synced: 2025-02-25T18:04:52.148Z (over 1 year ago)
• Size: 54.7 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Audit: audit-information-and-alerting.md
  • Codeowners: .github/CODEOWNERS
  • Governance: governance-framework.md

Awesome Lists containing this project

README

          
# Security principles

We take security seriously at Studio 24. Our security principles are detailed here. These principles are approved by Simon Jones, Managing Director.

We follow the National Cyber Security Centre (NCSC) [cloud security principles](https://www.ncsc.gov.uk/collection/cloud/the-cloud-security-principles).

## Accreditation

Studio 24 is [Cyber Essentials Plus](https://www.ncsc.gov.uk/cyberessentials/overview) accredited.

* [Cyber Essentials Plus](https://registry.blockmarktech.com/certificates/7236b381-e563-41ee-a078-109101c5c6e7/), Certificate ID 7236b381-e563-41ee-a078-109101c5c6e7, expires 27/01/2027

* [Cyber Essentials](https://registry.blockmarktech.com/certificates/ddcbfcd8-ffc6-4ed7-a788-ac27e7deabe5/), Certificate ID ddcbfcd8-ffc6-4ed7-a788-ac27e7deabe5, expires 31/10/2026 

 

## Contents

* Introduction (this page)

* [Secure development](secure-development.md)

* [Supported versions](supported-versions.md)

* [Data privacy and GDPR](data-privacy.md)

* [Data breaches](data-breaches.md)

* [Email security](email-security.md)

### NCSC cloud security principles

* [Data in transit protection](data-in-transit-protection.md)

* [Asset protection and resilience](asset-protection-and-resilience.md)

* [Separation between customers](separation-between-customers.md)

* [Governance framework](governance-framework.md)

* [Operational security](operational-security.md)

* [Personnel security](personnel-security.md)

* [Secure development](secure-development.md)

* [Supply chain security](supply-chain-security.md)

* [Secure user management](secure-user-management.md)

* [Identity and authentication](identity-and-authentication.md)

* [External interface protection](external-interface-protection.md)

* [Secure service administration](secure-service-administration.md)

* [Audit information and alerting](audit-information-and-alerting.md)

* [Secure use of service](secure-use-of-service.md)

## Contributing

Any Studio 24 staff member can contribute to this repo. Just create a branch, make your changes and create a Pull Request (PR) to merge changes into the main branch. All changes to the main branch require approval from Simon.

We maintain a [changelog](CHANGELOG.md) for this project.

## About Us

[Studio 24](https://www.studio24.net) is a human-centred digital agency based in Cambridge, UK, servicing clients across the UK, USA and Europe. 

## License

![Creative Commons license](https://i.creativecommons.org/l/by-sa/4.0/88x31.png)

This work is licensed under a [Creative Commons Attribution-ShareAlike 4.0 International License](https://creativecommons.org/licenses/by-sa/4.0/).