Cloud Services & the Government Security Classifications Policy

The UK government has increasingly been encouraging the use of cloud services instead of traditional IT solutions as it seeks to create more cost-effective and agile platforms as part of the Government ICT Strategy. To support this strategy the government has implemented a number of policies and initiatives to make the adoption and use of cloud services easier.

However, it has been observed that some UK public sector organisations have previously misinterpreted CESG guidance around Impact Levels under the Government Protective Marking Scheme (GPMS) creating an unnecessary barrier to consume cloud services.

On 2 April 2014, the Government Security Classification Policy (GSCP) was introduced which will ultimately replace the previous GPMS after a period of parallel running. The GSCP replaces the previous six Impact Levels (ILs) with just three classifications; OFFICIAL, SECRET and TOP-SECRET.

As there is no mapping between the previous Impact Levels and the new categories, public sector organisations are encouraged to make their own decision as to whether suppliers are applying the necessary controls to ensure appropriate protection of their data and systems.

This white paper provides public sector organisations with advice and guidance to help them make appropriate use of cloud services without compromising the confidentiality, integrity or availability of the information which makes up their digital and shared services.

Simply submit your details below to download this essential paper, 'Cloud Services & the Government Security Classifications Policy':

If you see this, leave this form field blank and invest in CSS support.
Your Details (* denotes required field)

Non WiredGov Registrants: Please fill in all the required fields below.

WiredGov Registrants: Simply login here to automatically fill the fields with your information. Alternatively you can fill in the required fields manually.

Share this campaign

UKCloud

Latest tweets