UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close

LUL - S1741

Cloud cyber security

active, Most Current
Organization: LUL
Publication Date: 1 March 2018
Status: active
Page Count: 7
scope:

The standard applies to all cloud based services and data owned by TfL or operated and supported by third parties for or on behalf of TfL, unless otherwise stated in contracts or covered by business unit specific operational policies or standards.

Any IT or Operational Technology which is built on or hosted using infrastructure, platform or software as a service (see 3.1) offering is defined as being cloud based.

Responsibility for security controls on cloud services is split between the TfL system owner and the service provider, depending on the level of control which has been procured. All contracts with suppliers for cloud services must clearly outline the boundary of responsibilities for security patching and include a security schedule.

Purpose

This standard details the cyber security requirements for all cloud deployment and how they must be implemented in line with TfL's cyber security policies.

Document History

S1741
March 1, 2018
Cloud cyber security
The standard applies to all cloud based services and data owned by TfL or operated and supported by third parties for or on behalf of TfL, unless otherwise stated in contracts or covered by business...
July 1, 2017
Cloud cyber security
The standard applies to all cloud based services and data owned by TfL or operated and supported by third parties for or on behalf of TfL, unless otherwise stated in contracts or covered by business...

References

Advertisement