National Cyber Security Centre calls for public sector partners to develop new approaches to user identification
The National Cyber Security Centre (NCSC) has called on public sector organisations to join a repeat of its Secure by Default Partnership Programme, aimed at promoting best practice in reducing the reliance on passwords.
The government cyber security body said the programme will not be limited to a specific technology but there will be a preference for open standards. It wants participants that handle information classified at OFFICIAL level to come up with equally or more secure alternatives to using passwords for IT security.
It is offering funding up to £25,000 per project, technical support and guidance on accreditation and Public Services Network compliance for organisations to adopt new technologies and report on their experiences.
Decisions on funding will depend on how the technology can change the operation of an organisations, how much control they have over their IT estate, and how quickly they can begin integrating the technology.
“The technologies we’ve chosen for the case studies already exist in commercial products and are fully supported by their manufacturers,” the NCSC says in the programme briefing. “Use of the new technologies is currently limited in the public sector; we’re trying to increase their uptake by showing how they can improve the way staff use IT.”
Applications are open until 30 June, and the case studies should be completed by the beginning of March next year.
NCSC has been challenging attitudes towards the use of passwords in IT security: late last year it published advice against changing them frequently, followed by assurance that it is acceptable to paste them into log-ins.
The centre also said it is also planning to publish a selection of case studies on the deployment of authentication using Windows 10 in the public sector, which emerged from its recent CyberUK in Practice conference.
Image by Automobile Italia, CC BY 2.0 through flickr