Eduserv, profile picture
Uploaded byEduserv
PPTX, PDF1,464 views

Security radar for 2014

The document discusses key topics related to the 2014 London G-Cloud meet-up, including government security classifications set to take effect on April 2, 2014, PSN connectivity retirement, and the future of hybrid clouds and application development. It outlines the classifications of cloud services and their appropriate uses, as well as the implications of retiring GCF connectivity for public sector telecommunications. Additionally, it emphasizes the need for sophisticated solutions and integration of cloud services to enhance citizen engagement and support application developers.

Embed presentation

Download to read offline
Security Radar for 2014 London G-Cloud Meet-up, January 2014 Ivan Harris, Business Manager – Cloud Services www.eduserv.org.uk
Agenda • Government Security Classifications • PSN Connectivity • Hybrid Clouds • Application Development
Government Security Classifications • Comes into force on 02/04/14 • Classifications: OFFICIAL, SECRET and TOP SECRET • There is no direct mapping between Security Classifications and BILs • BIL should still be used as part of the information risk assessment when selecting G-Cloud services • New G-Cloud service categories: • Unassured Clouds: Formerly IL0 • Assured Public Cloud: Formerly IL2 • Formally Accredited Public Cloud or Private Cloud: Formerly IL3 • As a rule of thumb: • Unassured Clouds: For non-sensitive OFFICIAL information suitable for the public domain • Assured Public Cloud: Suitable for general OFFICIAL information that is not particularly sensitive • Formally Accredited Public Cloud or Private Cloud: Most OFFICIAL information and aggregated information that‟s not particularly sensitive in isolation • Will Assured Public Clouds require PGA? Just ISO 27001 plus additional controls? Sources: Government Security Classifications April 2014, Version 1.0, Cabinet Office, October 2013 G-Cloud Information Assurance Requirements and Guidance, HMG, May 2012
PSN Connectivity • GCF connectivity is retired on 31/03/14 • GCF users must have obtained PSN connectivity, achieved compliance and transitioned by this date • IL3 accredited PSN bearer networks will start to appear rather than using CAPS accredited devices over IL2 bearer networks • 3 new PSN frameworks due with • More SMEs (dozens, not hundreds) • Three ordering mechanisms (direct award, short competition, full-fat competitions) • 4-5 year contract length • „Public Sector Telecoms‟ framework (which includes cloud services) due to go live in July • 2014-16 growth in „Wider Public Sector‟ including local government and health services: • PSN Spend to mid-2014: Central Government £2.2Bn, Wider Public Sector: £0.8Bn • PSN Spend 2014-2016: Central Government £0.6Bn, Wider Public Sector: £1.6Bn Sources: Next-generation PSN Frameworks, Cabinet Office, November 2013
Hybrid Cloud • Low hanging fruit of point cloud solutions will soon be harvested • More sophisticated solutions will be needed to support: • On premise and off premise • Legacy systems and cloud services • Public and private cloud • Multi-impact level information estates • Integrating to multi-impact level systems • Impact level hybrid clouds are needed • Supports the business benefit prioritized cloud journey and optimises information estates
Application Development • The „Public Cloud First‟ policy, drives for better citizen experience/engagement and more sophisticated solutions require digital services, Enterprise Applications Integration, SaaS and custom web, enterprise mobile applications • Demand from third-party application developers for IaaS, PaaS, EPaaS and PSN support on IL2 and IL3 PGA‟d services • Full software lifecycle support is needed: Spin-up/tear-down of development, test, staging and production environments • Needs to align to HMG‟s Agile objectives by supporting continuous integration and continuous release • Application developers need help with accrediting their applications on already PGA‟d services
In Summary • Government Security Classifications • PSN Connectivity • Hybrid Clouds • Application Development
“In the midst of chaos, there is also opportunity” Sun Tzu Ivan Harris Business Manager – Cloud Services Email: ivan.harris@eduserv.org.uk Phone: 01225 474311 Twitter: @IvanDavidHarris

More Related Content

PPTX
Ivan Harris G-Cloud UK Meetup
byWeAreEsynergy
 
PDF
Cooperation SIG AGM Report
byAPNIC
 
PDF
CNNIC Update
byAPNIC
 
PDF
Vodafone uk product on a page
byRossSurplice
 
PPTX
Informatics & Digital Priorities for Social Care 2016/17 - 2020 | Andrew Fen...
byDepartment for Communities and Local Government Local Digital Campaign
 
PPTX
Overview of Brocade's products and services
byYue-Hua (Cindy) Liu
 
PDF
FIWARE Tech Summit - FIWARE Connecting to IoT
byFIWARE
 
PDF
The Future Of the Internet
byDr Nikolaus Eberl | Motivational Intelligence
 
Ivan Harris G-Cloud UK Meetup
byWeAreEsynergy
 
Cooperation SIG AGM Report
byAPNIC
 
CNNIC Update
byAPNIC
 
Vodafone uk product on a page
byRossSurplice
 
Informatics & Digital Priorities for Social Care 2016/17 - 2020 | Andrew Fen...
byDepartment for Communities and Local Government Local Digital Campaign
 
Overview of Brocade's products and services
byYue-Hua (Cindy) Liu
 
FIWARE Tech Summit - FIWARE Connecting to IoT
byFIWARE
 
The Future Of the Internet
byDr Nikolaus Eberl | Motivational Intelligence
 

What's hot

PPTX
EclipseCon NA 2016: The Things Network
byJohan Stokking
 
PPTX
2016 Network Security Outlook
byWestern NRG
 
PDF
One year later… Revisiting the GDPR and what it means for the cloud
byOVHcloud
 
PPT
Picnic 2011
byArnold Koning
 
PDF
InnovationSummit2015 - iot connectivity
byThibault Cantegrel
 
PDF
Delivering the IoT ecosystem
byTelefónica IoT
 
PPTX
IoT Security
byPeter Waher
 
EclipseCon NA 2016: The Things Network
byJohan Stokking
 
2016 Network Security Outlook
byWestern NRG
 
One year later… Revisiting the GDPR and what it means for the cloud
byOVHcloud
 
Picnic 2011
byArnold Koning
 
InnovationSummit2015 - iot connectivity
byThibault Cantegrel
 
Delivering the IoT ecosystem
byTelefónica IoT
 
IoT Security
byPeter Waher
 

Similar to Security radar for 2014

PPTX
It's More than Cloud - Digital Disruption - your business model is under thre...
byDavid Terrar
 
PDF
CloudCamp Chicago May 2014
byCloudCamp Chicago
 
PPTX
Public Sector Cloud
bySimon Greig
 
PPTX
Putting public cloud in your government ICT strategy
byEduserv
 
PDF
oracle-public-sector-global-wp
byDavid John Kerr
 
PPTX
G Cloud Presentation to IMKS 15 4 2010
byRed Pepper@52
 
ODP
Heading for the cloud
byPaul Tanner
 
PPT
Eduserv Symposium 2013 - PSN: a new kind of marketplace
byEduserv
 
PDF
How European policy impacts cloud in the UK public sector
byHuddleHQ
 
PPT
G-Cloud #AccreditCamp
byG-Cloud
 
PPT
Accredcamp
byG-Cloud
 
PPTX
Socitm eastern region
byRed Pepper@52
 
PPT
G-Cloud #AccreditCamp - Farnborough 17Apr2013
byG-Cloud
 
PDF
Andy Tait, Cabinet Office - public sector ICT landscape
bySocitm
 
DOCX
IT 833 INFORMATION GOVERNANCEDr. Isaac T. GbenleChapte
bymariuse18nolet
 
DOCX
IT 833 INFORMATION GOVERNANCEDr. Isaac T. GbenleChapte.docx
byvrickens
 
PDF
G-Cloud Programme vision UK - technical architectureworkstrand-report t8
byVictor Gridnev
 
PPTX
Cloud - is it just pie in the sky? Helen Gerling (Director of Consultancy, Sh...
bymysociety
 
PDF
g-cloud vision
byputinvn
 
PDF
A guide to cloud computing for the public sector
byRobin Brooke
 
It's More than Cloud - Digital Disruption - your business model is under thre...
byDavid Terrar
 
CloudCamp Chicago May 2014
byCloudCamp Chicago
 
Public Sector Cloud
bySimon Greig
 
Putting public cloud in your government ICT strategy
byEduserv
 
oracle-public-sector-global-wp
byDavid John Kerr
 
G Cloud Presentation to IMKS 15 4 2010
byRed Pepper@52
 
Heading for the cloud
byPaul Tanner
 
Eduserv Symposium 2013 - PSN: a new kind of marketplace
byEduserv
 
How European policy impacts cloud in the UK public sector
byHuddleHQ
 
G-Cloud #AccreditCamp
byG-Cloud
 
Accredcamp
byG-Cloud
 
Socitm eastern region
byRed Pepper@52
 
G-Cloud #AccreditCamp - Farnborough 17Apr2013
byG-Cloud
 
Andy Tait, Cabinet Office - public sector ICT landscape
bySocitm
 
IT 833 INFORMATION GOVERNANCEDr. Isaac T. GbenleChapte
bymariuse18nolet
 
IT 833 INFORMATION GOVERNANCEDr. Isaac T. GbenleChapte.docx
byvrickens
 
G-Cloud Programme vision UK - technical architectureworkstrand-report t8
byVictor Gridnev
 
Cloud - is it just pie in the sky? Helen Gerling (Director of Consultancy, Sh...
bymysociety
 
g-cloud vision
byputinvn
 
A guide to cloud computing for the public sector
byRobin Brooke
 

More from Eduserv

PPTX
Phase two of OpenAthens SP evolution including OpenID connect option
byEduserv
 
PPTX
Partnership Licensing - allowing access to licensed resources
byEduserv
 
PPTX
Lightning talk - EBSCO
byEduserv
 
PPTX
Lightning talk - Boopsie
byEduserv
 
PPTX
Lightning talk - Softlink
byEduserv
 
PPTX
Lightning talk - Third Iron BrowZine
byEduserv
 
PPTX
Lightning talk - Eduserv Chest Agreements
byEduserv
 
PPTX
Phase one of OpenAthens SP evolution
byEduserv
 
PPTX
Key considerations when mapping your end user experience
byEduserv
 
PPTX
Our product development methodology
byEduserv
 
PPTX
How Readers Discover Content
byEduserv
 
PPTX
OpenAthens product update
byEduserv
 
PPTX
OpenAthens Customer Conference - Welcome address
byEduserv
 
PPTX
Generating leads with content marketing
byEduserv
 
PPTX
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
byEduserv
 
PDF
Mobius from Maplesoft
byEduserv
 
PDF
QSR NVivo
byEduserv
 
PPTX
How Eduserv are helping local government organisations
byEduserv
 
PPTX
Is cloud the right fit for your needs?
byEduserv
 
PPTX
Planning your cloud strategy: Adur and Worthing Councils
byEduserv
 
Phase two of OpenAthens SP evolution including OpenID connect option
byEduserv
 
Partnership Licensing - allowing access to licensed resources
byEduserv
 
Lightning talk - EBSCO
byEduserv
 
Lightning talk - Boopsie
byEduserv
 
Lightning talk - Softlink
byEduserv
 
Lightning talk - Third Iron BrowZine
byEduserv
 
Lightning talk - Eduserv Chest Agreements
byEduserv
 
Phase one of OpenAthens SP evolution
byEduserv
 
Key considerations when mapping your end user experience
byEduserv
 
Our product development methodology
byEduserv
 
How Readers Discover Content
byEduserv
 
OpenAthens product update
byEduserv
 
OpenAthens Customer Conference - Welcome address
byEduserv
 
Generating leads with content marketing
byEduserv
 
Pre-launch introduction to the new OpenAthens SP dashboard - 13/09/2016
byEduserv
 
Mobius from Maplesoft
byEduserv
 
QSR NVivo
byEduserv
 
How Eduserv are helping local government organisations
byEduserv
 
Is cloud the right fit for your needs?
byEduserv
 
Planning your cloud strategy: Adur and Worthing Councils
byEduserv
 

Recently uploaded

PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PPTX
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
PDF
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
API-First Architecture in Financial Systems
bycyy111112
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PDF
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
API-First Architecture in Financial Systems
bycyy111112
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 

Security radar for 2014

  • 1.
    Security Radar for2014 London G-Cloud Meet-up, January 2014 Ivan Harris, Business Manager – Cloud Services www.eduserv.org.uk
  • 2.
    Agenda • Government SecurityClassifications • PSN Connectivity • Hybrid Clouds • Application Development
  • 3.
    Government Security Classifications •Comes into force on 02/04/14 • Classifications: OFFICIAL, SECRET and TOP SECRET • There is no direct mapping between Security Classifications and BILs • BIL should still be used as part of the information risk assessment when selecting G-Cloud services • New G-Cloud service categories: • Unassured Clouds: Formerly IL0 • Assured Public Cloud: Formerly IL2 • Formally Accredited Public Cloud or Private Cloud: Formerly IL3 • As a rule of thumb: • Unassured Clouds: For non-sensitive OFFICIAL information suitable for the public domain • Assured Public Cloud: Suitable for general OFFICIAL information that is not particularly sensitive • Formally Accredited Public Cloud or Private Cloud: Most OFFICIAL information and aggregated information that‟s not particularly sensitive in isolation • Will Assured Public Clouds require PGA? Just ISO 27001 plus additional controls? Sources: Government Security Classifications April 2014, Version 1.0, Cabinet Office, October 2013 G-Cloud Information Assurance Requirements and Guidance, HMG, May 2012
  • 4.
    PSN Connectivity • GCFconnectivity is retired on 31/03/14 • GCF users must have obtained PSN connectivity, achieved compliance and transitioned by this date • IL3 accredited PSN bearer networks will start to appear rather than using CAPS accredited devices over IL2 bearer networks • 3 new PSN frameworks due with • More SMEs (dozens, not hundreds) • Three ordering mechanisms (direct award, short competition, full-fat competitions) • 4-5 year contract length • „Public Sector Telecoms‟ framework (which includes cloud services) due to go live in July • 2014-16 growth in „Wider Public Sector‟ including local government and health services: • PSN Spend to mid-2014: Central Government £2.2Bn, Wider Public Sector: £0.8Bn • PSN Spend 2014-2016: Central Government £0.6Bn, Wider Public Sector: £1.6Bn Sources: Next-generation PSN Frameworks, Cabinet Office, November 2013
  • 5.
    Hybrid Cloud • Lowhanging fruit of point cloud solutions will soon be harvested • More sophisticated solutions will be needed to support: • On premise and off premise • Legacy systems and cloud services • Public and private cloud • Multi-impact level information estates • Integrating to multi-impact level systems • Impact level hybrid clouds are needed • Supports the business benefit prioritized cloud journey and optimises information estates
  • 6.
    Application Development • The„Public Cloud First‟ policy, drives for better citizen experience/engagement and more sophisticated solutions require digital services, Enterprise Applications Integration, SaaS and custom web, enterprise mobile applications • Demand from third-party application developers for IaaS, PaaS, EPaaS and PSN support on IL2 and IL3 PGA‟d services • Full software lifecycle support is needed: Spin-up/tear-down of development, test, staging and production environments • Needs to align to HMG‟s Agile objectives by supporting continuous integration and continuous release • Application developers need help with accrediting their applications on already PGA‟d services
  • 7.
    In Summary • GovernmentSecurity Classifications • PSN Connectivity • Hybrid Clouds • Application Development
  • 8.
    “In the midstof chaos, there is also opportunity” Sun Tzu Ivan Harris Business Manager – Cloud Services Email: ivan.harris@eduserv.org.uk Phone: 01225 474311 Twitter: @IvanDavidHarris