Citation[]
NCSC, Secure by Default Platforms (Sept. 28, 2016) (full-text).
Overview[]
"Platforms that are not secure by default cannot represent commercial good practice, and should not be relied upon to protect sensitive data. . . . [The rest of this] paper will discuss desired characteristics of secure platforms; showing some ideas on how a concerted effort might be made to drive fundamental improvements in platform security. We aim to reduce the risk of a single vulnerability allowing a platform to be exploited. We will also suggest a practical example of how some of these characteristics could be provided."