The Channel logo


By | Gavin Clarke 3rd April 2012 14:17

G-Cloud rep: We'll mop up data breach flood with red tape

Security accreditation is vital, says MoJ ICT manager

The government is speaking out about “myths and confusion” surrounding its plans for security accreditation on G-Cloud.

A civil servant working on No 10’s big IT catalogue has re-assured Whitehall types that G-Cloud accreditation is most certainly not an unnecessary piece of bureaucracy. She has also warned, however, that just because a service is officially authorised doesn’t necessarily mean it is right for them.

G-Cloud Ministry of Justice representative Emma Gawen has also used the opportunity to bang the drum for accreditation, saying it will help make government tech systems safer and more secure while also making it easier for suppliers and government to work together.

Gawen, an ICT manager at the MoJ, took over the task of communicating about G-Cloud security accreditation plans in February, but it seems progress has quickly hit rough water.

“During my time working in government and on the G-Cloud programme one thing has become very clear: there is an awful lot of confusion about accreditation,” Gawen said here.

Without pointing fingers, Gawen reckoned there’s a sense that accreditation is "just unnecessary bureaucracy".

“To be honest, I can see why you might say that, but it’s not true,” she said.

Accreditation is being handled by the Pan Government Accreditation Service (PGAS), and takes place every 12 months.

She stressed the need for consistent security controls to help reduce growing data security breaches in the public sector and repair the loss of public confidence breaches are causing.

“Some might say that government’s accreditation process is overly laborious, but ensuring security controls are implemented properly has to be thorough to be any use. G-Cloud is working to reduce the burden considerably,” Gawen said.

Meanwhile, just because a product or service makes the G-Cloud list doesn’t make it automatically safe for everybody.

According to Gawen, it’s wrong to assume once a service is accredited for G-Cloud, anyone can use it. She suggested, instead, that prospective G-Cloud users match products and services with their requirements on case-by-case basis. “The nature of the information to be handled by a given service could vary significantly, and therefore so could the impact of compromise,” she said. ®


The UK government should follow Iceland's lead and move to Linux, according to a new e-petition. Given the fashion for austerity, petitioner Stephen Hargreaves has said Whitehall should stop paying “hefty licensing costs” to Microsoft – Windows is running the vast majority of UK government IT systems, he says – and move to Linux. Hargreaves reckons on substantial savings following initial migration and training costs. Microsoft's National Technology Officer Mark Ferrar takes a different view of this type of argument, here.

You can see the petition here: it will be submitted at the end of September 2012. ®

comment icon Read 1 comment on this article alert Send corrections


Privacy image

Frank Jennings

Two working parties, ministers galore... but data transfer law remains in limbo

Chris Evans

It does simplify the hardware setup, whatever it is
A microscopic view of the biometric shark skin. Pic: James Weaver

Chris Mellor

Do something and stop faffing about in the bush league

Kat Hall

International system in general needs greater transparency


Nerd fail photo via Shutterstock
Shouting match
Single market vs. rest of the world
Mostly it's financial crime. Here's what all the cool kids' terms mean in English
Apple logo. Pic: Blake Patterson
Plenty of bumps in the 40-year road for Mac makers