CIO

Memset named as second G-Cloud supplier to achieve security accreditation

This follows the recent announcement that SCC was the first supplier to achieve IL2 and IL3 accreditation for nine of its services on Cloudstore

Memset has become the second provider to achieve pan-government security accreditation through the G-Cloud, less than a month after SCC was named as the first successful applicant.

It has achieved Impact Level 2 accreditation for both its public and private Miniserver VM virtual servers.

Kate Craig-Wood, MD of Memset said: "The new 'badges' on the CloudStore website will help bring much needed confidence to buyers who can see instantly which providers have been assessed by information assurance body CESG and approved to operate to a required level."

The government launched its CloudStore in February, which saw 257 suppliers signed up to the G-Cloud framework and catalogued within an online portal. The government plans to accredit each service offered only once and then any government body can reuse that service without going through the accreditation process again.

However, no services that needed security assurance had been accredited until the end of last month, where SCC was the first to achieve accreditation for nine of its services.

Denise McDonagh, G-Cloud programme director said at the time: "Increased use of technology, and the cloud in particular, provide a fantastic opportunity for public sector organisations to be more efficient and the G-Cloud programme is about establishing a flexible, cost-effective framework, which is also secure and meets the needs of the public sector so we're delighted that SCC is the first UK provider to gain pan-government accreditation."

The UK government is also planning to halve the number of security levels it uses internally from six to three in an attempt to simplify the accreditation process for suppliers looking to provide services to the public sector.

It applies a Business Impact Level (IL) classification to suppliers to indicate the security level of their services. IL0 (protected) is the lowest level of security, while IL6 (top secret) is the highest. IL2 is often the minimum requirement for providers bidding for government contracts.

"The government has a complex security marking scheme, there are six levels. We are trying to simplify that to just three to see if we can get most of government in the lowest level for most of its business," said Andy Nelson, government CIO.