Deliverable 6.1 - Identifying best practices and recommendations
This document identifies a set of 60 best practices already implemented by both small and medium enterprises (SMEs) and large enterprises (LEs) in terms of security & trust for Internet-based services. The scope of the best practices, and the recommendations that follow them are necessarily wide. They cover not just technical security matters, but also best practices that are essential in helping users to trust online services, in areas such as user experience and brand promise. Finally, we assess best practices of certification and self-assurance schemes. This study complements other work undertaken in the other TRUESSEC work packages and by other organisations, such as ENISA1 (which we conclude is doing excellent work in this field).