scope:

This standard applies to information and IT networks that are owned, operated or supported by, or on behalf of, TfL. 

'Endpoints' or 'devices' are physical equipment or virtual machines that use or store digital information to provide a service. This includes:

a) servers, both physical and virtual

b) desktop devices including 'thick' and 'thin' clients

c) portable devices, including laptops and tablet computers (full OS)

d) mobile devices, including tablet computers and smartphones (lite OS)

e) wearable devices, including smart-watches and smart-glasses

f) printers and multi-function devices that are connected to TfL systems and networks

g) any peripherals and accessories used with any of the above that can store or process TfL information, including sensors or devices that make up the Internet of Things (IoT)

h) removable media, such as USB, CDs or portable hard drives.

Purpose

The purpose of this standard is to detail the security controls that must be in place to establish secure builds and configurations on all endpoints or devices used on TfL networks and how they must be implemented in line with the secure builds and configurations policy.