PSN makes changes to reduce risk

Opinion

PSN makes changes to reduce risk

The new Government Security Classification Policy came into force in April 2014. It includes subtle changes that strengthen Public Services Network (PSN) as a platform for innovation and reform in public sector.

First, the six classifications for sharing information have been reduced to three to reduce complexity.

14-09 Adele Parker.jpg

The classifications now comprise Official, Secret and Top Secret. There is also a subset of Official, called Official-Sensitive, for information that could have more damaging consequences if it were lost, stolen or published in the media.

Under the new classifications, most public sector information will be classed as Official – this is information derived from routine business operations and services. The government’s ICT Strategy anticipates that the PSN will be the primary network bearer for Official information.

This is because PSN is a trusted method for sharing Official information that has already been tested, reviewed and checked against compliance regimes. It demonstrates solid management processes and is being readily audited. 

PSN-consuming organisations already comply with the PSN Information Assurance regulations. The PSN platform comes with agreed levels of service, integrity and a built-in level of security that’s appropriate for most government business. It is already the trusted platform for sharing information across the public sector.

Responsibility and safeness

The new rules also leave information originators (or owners) with the responsibility of classifying it. This means only they can change the classification, although others can challenge it. 

For example, through the Freedom Of Information Act (FOIA), a member of the public may challenge an Official-Sensitive classification of a document that is, perhaps, in the public interest. 

The PSN provides a secure transport mechanism, which reduces the risk of mistakenly under-classifying a document.

Perhaps more importantly, under the new rules, with responsibility falling to the individual, we need to focus more on safeness of information. Information owners will need to acknowledge they have information that needs to be managed; they will need to understand what they are managing and think about the safeness of information.

PSN provides a safe environment for innovation that reduces the cost and risk of experimentation

For example, a user needs to send information from A to B and might also need to share the information with others. The information owner needs to go to the proverbial door and know what’s behind it before sharing information.

They’ll need to ask themselves the question, is the information being sent going to be safe? How should I classify it? Again, PSN has a role to play by reducing risk and keeping Official information safe. 

Hygiene factor

PSN provides a safe environment for innovation that reduces the cost and risk of experimentation. Eventually, for sharing Official information at least, PSN will become the ‘hygiene factor’; information owners will expect it to be the transportation method for information. They need it to be in place. After all, other industry sectors have trusted environments, why shouldn’t the public sector?      

The new Government Security Classification Policy is a change welcomed by PSNGB. Combined with a new trusted network for the public sector, PSNGB will soon see how information owners can do things differently, how together we can reform the public sector for good.

Adele Parker, director and head of compliance, PSNGB

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in September 2014

 

COMMENTS powered by Disqus  //  Commenting policy