Entrepreneur Resources Your source for small business information
The old structure of six levels of protection – Not Protectively Marked, Protect, Restricted, Confidential, Secret and Top Secret – was considered outdated and unsuited to modern work practices and has been replaced by a three level valuation system that includes Official, Secret and Top Secret.
To allow government to securely transfer data in a more timely and efficient manner, the new three-tier indication of sensitivity is as follows:
OFFICIAL
This category is for the majority of information created or processed by government and includes both routine business and some sensitive information, which could have damaging consequences if lost, stolen or published in the media, but are not subject to a heightened threat profile.
SECRET
Very sensitive information that justifies heightened protective measures to defend against determined and highly capable threats. For example, where compromise could seriously damage military capabilities, international relations or the investigation of serious organised crime.
TOP SECRET
This category of information is the most sensitive requiring the highest levels of protection from the most serious threats. For example, where compromise could cause widespread loss of life or else threaten the security or economic wellbeing of the country or friendly nations.
What does this mean for SMEs?
While the re-classification of data is supposed to simplify the procurement of IT, the fact that there is no direct mapping from the old government protective marking scheme to the new classifications might initially cause some confusion.
This could spell trouble for SMEs trying to sell their services to the government via the G-Cloud framework. The problem for SMEs is that the lack of clarity is likely to push Government departments to go with what they know – that being the big systems integrators (SIs) that have been supplying them for years.
On top of that SME’s that have been part of the G-Cloud framework since it was launched in 2012 and have already gone through a number of tender processes will have to change their secure data transfer policies to fit the new classification. While SIs are more likely to have the money and experience to adapt to these changes without affecting their services.
With public spending on cloud services through the government’s Cloud Store having broken the £100m barrier in April, clocking £106m, SMEs will have to adjust quickly to the new principles of secure data transfer in the public sector if they want to address the balance between themselves and SIs.
Author: Maytech provides a global cloud platform for secure and reliant data transfer anywhere in the world, and is also an official supplier to the UK government G-Cloud framework. To find out more visit www.maytech.net.
