answer text |
<p>High Risk Vendor (HRV) is a term applied to vendors in the UK telecoms network
whose presence may increase security risks for operators – at the present time only
Huawei and ZTE have been assessed as HRVs for this purpose.</p><p>Following further
changes to the US sanctions on Huawei, announced in August 2020, the National Cyber
Security Centre (NCSC) is assessing the impact to owners of Huawei and Honor-branded
devices in the UK. The change in sanctions may mean that services used by Huawei devices
and software updates may, for some products, cease. Devices which can no longer be
supported with updates, or access services and app stores, are at increased risk of
becoming compromised by criminals if a security vulnerability is discovered. Owners
of these devices are encouraged to follow advice which can be found on the NCSC website:
<a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ncsc.gov.uk%2Finformation%2Fhuawei-advice-what-you-need-to-know&data=02%7C01%7Cncscparliament%40ncsc.gov.uk%7C65ab42768f5b44bc133c08d84b66b19a%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C637342251723920851&sdata=FZ0m35k7rBk5iUq2eebhCQ6B%2FMENB8R6uK4gssm5tFk%3D&reserved=0"
target="_blank">Huawei advice: what you need to know</a>, and organisations where
employees use personal Huawei devices to access business data and applications, such
as email, instant messaging, and office applications, should refer to the NCSC <a
href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ncsc.gov.uk%2Fcollection%2Fmobile-device-guidance%2Fbring-your-own-device%23section_3&data=02%7C01%7Cncscparliament%40ncsc.gov.uk%7C65ab42768f5b44bc133c08d84b66b19a%7C14aa5744ece1474ea2d734f46dda64a1%7C0%7C0%7C637342251723920851&sdata=WLlVPHpGnbMMYp6zO1Uyxp7uH6N%2BD83VbnUSADOWXkM%3D&reserved=0"
target="_blank">guidance on BYOD</a>.</p><p> </p><p>The NCSC regularly updates its
advice and guidance for individuals, families and businesses on a range of cyber security
related topics. DCMS and NCSC have, in partnership, worked to protect consumers and
the wider economy from the range of harms that can arise from vulnerable consumer
connected devices. A proposal to mandate basic security principles via regulation
is currently open for a Call for Views, with the ambition to introduce legislation
as soon as parliamentary time becomes available.</p><p> </p>
|
|