More security updates!

Below are notes and recommendations for the security process to go to the Government Information Assurance Group.

Security process to proposed to Information Assurance Group for decision making for the UK pilot and to inform the European pilots. These are the notes to go to IA, once a decision is passed, a design can be formulated together for IA to look at.

Requirements To use iPads to access 'Zappar' app to facilitate a EU funded research into the benefits of AR in a young person’s prison environment. • Internet access to the Zappar website (whitelist this site only) • iPads to run the Zappar application • MDM software to lock down the iPads so that: o Only the Zapper app can be used o Only the designated WIFI SSID can be used • ADSL line for Internet access • Firewall to control access to the Zappar website and log Internet access (or VPN back to Manchester and then through 3020's? better option as logging will be in Panorama) Thoughts • Where is the teaching taking place? • Is there an ADSL or similar nearby we could use?

Proposed Design Test Work Test that iPad can be locked down to Zappar app and screenshots and video cannot be recorded (MaaS360?) Get a firewall and test whitelisting and logging (Palo Alto? Could it be added to our Panorama?) Would it need pen testing?