The Channel logo


By | Gavin Clarke 3rd April 2012 14:17

G-Cloud rep: We'll mop up data breach flood with red tape

Security accreditation is vital, says MoJ ICT manager

The government is speaking out about “myths and confusion” surrounding its plans for security accreditation on G-Cloud.

A civil servant working on No 10’s big IT catalogue has re-assured Whitehall types that G-Cloud accreditation is most certainly not an unnecessary piece of bureaucracy. She has also warned, however, that just because a service is officially authorised doesn’t necessarily mean it is right for them.

G-Cloud Ministry of Justice representative Emma Gawen has also used the opportunity to bang the drum for accreditation, saying it will help make government tech systems safer and more secure while also making it easier for suppliers and government to work together.

Gawen, an ICT manager at the MoJ, took over the task of communicating about G-Cloud security accreditation plans in February, but it seems progress has quickly hit rough water.

“During my time working in government and on the G-Cloud programme one thing has become very clear: there is an awful lot of confusion about accreditation,” Gawen said here.

Without pointing fingers, Gawen reckoned there’s a sense that accreditation is "just unnecessary bureaucracy".

“To be honest, I can see why you might say that, but it’s not true,” she said.

Accreditation is being handled by the Pan Government Accreditation Service (PGAS), and takes place every 12 months.

She stressed the need for consistent security controls to help reduce growing data security breaches in the public sector and repair the loss of public confidence breaches are causing.

“Some might say that government’s accreditation process is overly laborious, but ensuring security controls are implemented properly has to be thorough to be any use. G-Cloud is working to reduce the burden considerably,” Gawen said.

Meanwhile, just because a product or service makes the G-Cloud list doesn’t make it automatically safe for everybody.

According to Gawen, it’s wrong to assume once a service is accredited for G-Cloud, anyone can use it. She suggested, instead, that prospective G-Cloud users match products and services with their requirements on case-by-case basis. “The nature of the information to be handled by a given service could vary significantly, and therefore so could the impact of compromise,” she said. ®


The UK government should follow Iceland's lead and move to Linux, according to a new e-petition. Given the fashion for austerity, petitioner Stephen Hargreaves has said Whitehall should stop paying “hefty licensing costs” to Microsoft – Windows is running the vast majority of UK government IT systems, he says – and move to Linux. Hargreaves reckons on substantial savings following initial migration and training costs. Microsoft's National Technology Officer Mark Ferrar takes a different view of this type of argument, here.

You can see the petition here: it will be submitted at the end of September 2012. ®

comment icon Read 1 comment on this article alert Send corrections


Alexandre Mesguich

Change is order of day as tech giants shift strategy gears

Frank Jennings

Confused? No problem, we have 5, no 6, no 7... lots of standards

Chris Mellor

VC sequence could end not with a bang, but a whimper
Sad man stares glumly over boxed contents of desk. Image via shutterstock (Baranq)


money trap conceptual illustration
Big boys snare the unwary with too-good-to-be-true deals
Angus Highland cow
Pet carriers not wanted for whitebox stampede
Sorry OpenStack and Open Compute, we're not all Facebook
Gary Kovacs, CEO of AVG. Pic: World Economic Forum
Scammy download sites? Government snooping? Run of the mill for Gary Kovacs