Ivan Harris G-Cloud UK Meetup


Published on

Presentation from Ivan Harris at our G-Cloud UK Meetup

Published in: Technology, Business
1 Comment
  • http://gg.gg/17l8q
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Ivan Harris G-Cloud UK Meetup

  1. 1. Ivan Harris, Business Manager – Cloud Services
  2. 2. Security Radar for 2014 London G-Cloud Meet-up, January 2014 Ivan Harris, Business Manager – Cloud Services www.eduserv.org.uk
  3. 3. Agenda • Government Security Classifications • PSN Connectivity • Hybrid Clouds • Application Development
  4. 4. Government Security Classifications • Comes into force on 02-04-14 • Classifications: OFFICIAL, SECRET and TOP SECRET • There is no direct mapping between Security Classifications and BILs • BIL should still be used as part of the information risk assessment when selecting GCloud services • New G-Cloud service categories: • Unassured Clouds: Formerly IL0 • Assured Public Cloud: Formerly IL2 • Formally Accredited Public Cloud or Private Cloud: Formerly IL3 • As a rule of thumb: • Unassured Clouds: For non-sensitive OFFICIAL information suitable for the public domain • Assured Public Cloud: Suitable for general OFFICIAL information that is not particularly sensitive • Formally Accredited Public Cloud or Private Cloud: Most OFFICIAL information and aggregated information that‟s not particularly sensitive in isolation • Will Assured Public Clouds require PGA? Just ISO 27001 plus additional controls? Sources: Government Security Classifications April 2014, Version 1.0, Cabinet Office, October 2013 G-Cloud Information Assurance Requirements and Guidance, HMG, May 2012
  5. 5. PSN Connectivity • GCF connectivity is retired on 31-03-14 • GCF users must have obtained PSN connectivity, achieved compliance and transitioned by this date • IL3 accredited PSN bearer networks will start to appear rather than using CAPS accredited devices over IL2 bearer networks • 3 new PSN frameworks due with • More SMEs (dozens, not hundreds) • Three ordering mechanisms (direct award, short competition, full-fat competitions) • 4-5 year contract length • „Public Sector Telecoms‟ framework (which includes cloud services) due to go live in July • 2014-16 growth in „Wider Public Sector‟ including local government and health services: • PSN Spend to mid-2014: Central Government £2.2Bn, Wider Public Sector: £0.8Bn • PSN Spend 2014-2016: Central Government £0.6Bn, Wider Public Sector: £1.6Bn Sources: Next-generation PSN Frameworks, Cabinet Office, November 2013
  6. 6. Hybrid Cloud • Low hanging fruit of point cloud solutions will soon be harvested • More sophisticated solutions will be needed to support: • On premise and off premise • Legacy systems and cloud services • Public and private cloud • Multi-impact level information estates • Integrating to multi-impact level systems • Impact level hybrid clouds are needed • Supports the business benefit prioritized cloud journey and optimises information estates
  7. 7. Application Development • The „Public Cloud First‟ policy, drives for better citizen experience/engagement and more sophisticated solutions require digital services, Enterprise Applications Integration, SaaS and custom web, enterprise mobile applications • Demand from third-party application developers for IaaS, PaaS, EPaaS and PSN support on IL2 and IL3 PGA‟d services • Full software lifecycle support is needed: Spin-up/tear-down of development, test, staging and production environments • Needs to align to HMG‟s Agile objectives by supporting continuous integration and continuous release • Application developers need help with accrediting their applications on already PGA‟d services
  8. 8. In Summary • Government Security Classifications • PSN Connectivity • Hybrid Clouds • Application Development
  9. 9. “In the midst of chaos, there is also opportunity” Sun Tzu Ivan Harris Business Manager – Cloud Services Email: ivan.harris@eduserv.org.uk Phone: 01225 474311