Research & TrendsMemset says government wants to push data onto public cloud

Memset says government wants to push data onto public cloud

G-Cloud SME supplier Memset has applauded the government on the recent changes to the security classifications which they believe demonstrates a desire to push more data and applications into the public cloud.

G-Cloud SME supplier Memset has applauded the government on the recent changes to the security classifications which they believe demonstrates a desire to push more data and applications into the public cloud.

The changes in the security requirements for the ‘Secret’ and ‘Top Secret’ tiers are minimal, however, the changes to the lower tier are more significant as the new policy consolidates national ‘Not Protectively Marked’, ‘Protect’, ‘Restricted’, and some ‘Confidential’ information under GPMS into the single ‘Official’ tier.

The ‘Official’ tier allows for particularly sensitive ‘Official’ information to be identified using an additional handling caveat ‘Sensitive’.

Memset, who recently secured IL3 or ‘Official over PSN’ accreditation from CESG, welcome the changes from the Government. MD, Kate Craig-Wood, said:

The old impact levels system was hugely complex and poorly understood, which created a significant barrier to entry for many companies, especially SMEs. This simplification will greatly open up the public services ICT market.

Collapsing lower security tiers into one is also a clear indication from the Cabinet Office of an appetite to push more services into the public cloud. This is great news and is the only way the full potential savings of G-Cloud will be unlocked. In my expert opinion, there is absolutely no reason why the majority of government ICT should not be conducted using British, high-security public cloud providers via the normal Internet, using existing encryption technologies.

As a pioneer in obtaining our IL3-PSN accreditation we were significantly hampered by a lack of transparency around requirements. The mooted publication of all non-protectively marked security guidance documents, previously hoarded by CLAS consultants and CESG, is most welcome. It is important that SMEs can assess the requirements rather than being scared off by fear, uncertainty and unnecessary complexity.

I also hope that they will work with Industry in developing the new standards, which I expect are quite “skeletal” at this stage. For example, do we need central accreditation at all? Banks have been managing ultra-high InfoSec for years without a central accreditor, instead relying on approaches including robust penetration testing to deliver provable security. This is a time of opportunity to do things better and cheaper,” concluded Craig-Wood.

Related Articles

Seven digital government trends to look out for in 2018

Adult Social Care Seven digital government trends to look out for in 2018

4y Austin Clark
UK falling behind in government digitisation according to report

Data Insight UK falling behind in government digitisation according to report

5y Austin Clark
Desire to deliver better customer service is driving the next phase of digital transformation

Digital Transformation & Change Desire to deliver better customer service is driving the next phase of digital transformation

5y Austin Clark
Could immersive collaboration tools optimise public sector work?

Digital Transformation & Change Could immersive collaboration tools optimise public sector work?

5y Austin Clark
Top 10 strategic technologies for Government

Digital Transformation & Change Top 10 strategic technologies for Government

5y Austin Clark
Digital skills and sharing key to public service transformation, survey finds

Digital Skills Digital skills and sharing key to public service transformation, survey finds

5y Austin Clark
UK public sector faces major DNS threat and rising cost of security breaches, survey finds

Cyber Security UK public sector faces major DNS threat and rising cost of security breaches, survey finds

5y Austin Clark
Five reasons cyberattacks succeed

Cyber Security Five reasons cyberattacks succeed

5y Austin Clark