GDS chap: UK.gov is better off on public cloud than its own purpose-built network The Cabinet Office wants government departments to buy public cloud rather than services from the Public Services Network (PSN). In a blog post on Friday, James Stewart, director of technical architecture and head of technology at the Government Digital Service, indicated that the PSN would be wound down. He said the …
But it's all OFFICIAL isn't it?
Plenty of ways to communicate secure with plod without having to buy into an expensive propitiatory network.
Out most sensitive info form plod is already delivered across the internet using proper encryption technology but the less sensitive stuff needs to come via PSN. Doesn't make a lot of sense really.
"Organisations that need to access services that are only available on the PSN will still need to connect to it for the time being..."
Hi James, that's all of them. There are no real public clouds (crown hosting is not a real public cloud) properly accredited (political exceptions for gmail don't count either) to handle even OFFICIAL, never mind OFFICIAL-SENSITIVE.
"It's important we don't throw the baby out with the bathwater.
You already did that when you dismantled the GSI in favour of an "internal market".
"There are no real public clouds properly accredited"
Urm, of course there are! Keep up! Several actually. How did you think that MoD, MoJ, HMRC and many others are moving to them?
And OFFICIAL-SENSITIVE is "merely" a subset of OFFICIAL so anything rated for OFFICIAL can be used for OFFICIAL-SENSITIVE too. Of course, sensible organisations take a risk-based approach to working out what data is suitable for public clouds.
"And OFFICIAL-SENSITIVE is "merely" a subset of OFFICIAL so anything rated for OFFICIAL can be used for OFFICIAL-SENSITIVE too."
This isn't true. It's completely the other way around. An OFFICIAL-SENSITIVE accredited system can handle all the OFFICIAL purposes and communications you want, but you should not be handling O-S over something only rated to OFFICIAL (i.e. basic commercial best practise). That's why many departments have x.gsi addresses in addition to their increasingly insecure gsi addresses.
Have mentioned before now- small supplier, dealing with UK public sector organisation, was promised orders so did the preliminary work in good faIth. Didn't get orders, due to inept project and commercial management, and project manager then blamed them for not being willing to work with public sector.
Next time I try to save money by bringing in a new, innovative and credible, just small, supplier, maybe i'll ask for personal guarantees from the project managers before even mentioning it. And people wonder why public sector projects seem to cost a lot.
GDS management seems to be mostly ex-BBC or BBC wannabes. Can't see much past the end of their latest iPad or Chromebook.
Certainly they weren't ready for the experienced MOD security chap who totally lost it at the shiny suited wee boy that was telling him he shouldn't worry about security and the only thing that mattered was that the 'experience' was good for his visitors.
I think he worked on nuclear submarines design or some such trivial function.
Quite. The best bit is there haven't been any cost savings, because security-minded departments have been banned from sending sensitive information to the new gmail addresses. End result is huge swathes of operational staff are now toting two email addresses, one of which on the (much) more expensive x.gsi subdomain, because otherwise plod etc. won't send them any documents.
I’ve decided it’s time for me to leave GDS and figure out what comes next. I’m not leaving immediately, but will step away at the end of January. (James Stewart, GDS)
Run away! Run away! Six years in post is the ideal time to leave, before the inevitable manure cart/windmill interface catches up with you.
I'm predicting that at some point in the near future the GDS will announce a new infrastructure thing called NPS (Network for Public Sector) that they claim will be the solution to all of their security problems.
Any coincidence to the PSN will be purely conicidental.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
