UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

LUL - S1741

Cloud cyber security

inactive, Most Current
Organization: LUL
Publication Date: 1 March 2018
Status: inactive
Page Count: 7
scope:

The standard applies to all cloud based services and data owned by TfL or operated and supported by third parties for or on behalf of TfL, unless otherwise stated in contracts or covered by business unit specific operational policies or standards.

Any IT or Operational Technology which is built on or hosted using infrastructure, platform or software as a service (see 3.1) offering is defined as being cloud based.

Responsibility for security controls on cloud services is split between the TfL system owner and the service provider, depending on the level of control which has been procured. All contracts with suppliers for cloud services must clearly outline the boundary of responsibilities for security patching and include a security schedule.

Purpose

This standard details the cyber security requirements for all cloud deployment and how they must be implemented in line with TfL's cyber security policies.

Document History

S1741
March 1, 2018
Cloud cyber security
The standard applies to all cloud based services and data owned by TfL or operated and supported by third parties for or on behalf of TfL, unless otherwise stated in contracts or covered by business...
S1741
July 1, 2017
Cloud cyber security
The standard applies to all cloud based services and data owned by TfL or operated and supported by third parties for or on behalf of TfL, unless otherwise stated in contracts or covered by business...

References

This document references:
S1737 - Secure builds and configurations
Published by LUL on March 1, 2018
This standard applies to information and IT networks that are owned, operated or supported by, or on behalf of, TfL. ‘Endpoints’ or ‘devices’ are physical equipment or virtual machines that use or...
This document references:
S1739 - Security patching
Published by LUL on March 1, 2018
This standard applies to all Information Technology and data owned by TfL or operated and supported by third parties for or on behalf of TfL. This includes: a) User devices, including ‘thick’ and...
This document references:
S1740 - Cryptography
Published by LUL on March 1, 2022
Scope The standard applies to all Information Technology (IT), cyber security and technical employees who have responsibilities for cryptography protocols, implementation of security certificates and...
This document references:
S1745 - Cyber security vulnerability management
Published by LUL on March 1, 2018
The standard is for use by system owners, System Administrators and the Cyber Security and Incident Response Team (CSIRT). The standard applies to information, IT Devices, networks, endpoints and...
This document is referenced by:
S1749 - Secure Software, application and web development
Published by LUL on March 1, 2018
This standard applies to Software, application and web development teams, product managers, business analysts and any Technology and Data (T&D) staff involved in the development of Software,...
This document is referenced by:
S1752 - SSR Operational Technology: Cyber Security Protection
Published by LUL on November 1, 2018
This standard applies to TfL and LU staff, as well as Third Parties, when performing or overseeing O&M activities on SSR Operational Systems and Assets. This standard refers to the Cyber Security...
This document is referenced by:
S1755 - Cyber security of personal devices
Published by LUL on February 1, 2019
The standard partly applies to everyone in TfL who has a personal device for accessing TfL data. The technical content also applies to the End User Computing (EUC) team in Technology and Data (T&D)...
This document is superseded by:
S1736 - Network Information Security
Published by LUL on March 1, 2022
This standard applies to all employees and third parties who have responsibilities for network, email and information transfer within TfL with specific focus on Infrastructure, Information...
This document is superseded by:
S1736 - Network Information Security
Published by LUL on March 1, 2022
This standard applies to all employees and third parties who have responsibilities for network, email and information transfer within TfL with specific focus on Infrastructure, Information...
View Less
View All
Advertisement