The government will allow overseas companies to supply cloud services through G-Cloud, though information assurance will be necessary
The government’s soon-to-launch cloud programme, G-Cloud, is to allow overseas suppliers to handle certain types of public-sector data, according to the Government Procurement Service’s Robert McLeod.
Under G-Cloud, offshore companies will be allowed to handle data categorised as Impact Level 2 (IL2), though more sensitive types will face tougher restrictions, according to a report by IT industry journal Computer Weekly.
IL2 (“protected”) data is defined as that which in the case of a breach would not compromise the workings of government, but which could cause inconvenience or discomfort to individuals. McLeod said at an Accredit Camp event that there are no specific prohibitions on the off-shoring of IL2 data, as long as suppliers comply with regulations such as the Data Protection Act.
Accreditation standards will be stricter for services intended to handle IL3 (“restricted”) and IL4 (“confidential”) data, with the accreditation process requiring a data centre inspection, McLeod said.
He added that the government is hoping to institute a centralised accreditation process, so that a service can be accredited once for deployment by multiple agencies.
The CloudStore portal is expected to launch this week, with up to 1,700 services on offer from up to 600 suppliers and the first tranche of G-Cloud services is expected to roll out this month.
“The CloudStore will be the catalogue of services and suppliers on the G-Cloud Framework and we’ve been working on designing it for the past couple of weeks,” the government said in a blog posting earlier this month. “The aim is to make it into a type of ‘e-marketplace’ which contains details of the services, accreditation levels and enable buyers to make comparisons between services to facilitate intelligent and efficient purchasing for buyers and suppliers.”
The CloudStore site will allow buyers to make comparisons between the various suppliers and will apparently be divided into four G-Cloud lots, namely Software as a Service (SaaS); Platform as a Service (PaaS); Infrastructure as a Service (IaaS); and Specialist Cloud Service.
Lengthy tender process
The government has said it is planning to re-open the framework for new suppliers and products in the next few weeks, following a tender process that has already been lengthy.
It was in October 2011 that the government Procurement Service placed a tender for G-Cloud services with the aim of creating a government marketplace of cloud services, but the government said the response was “overwhelming” and the tender deadline was extended several times, stretching the submission process to the end of 2011.
Last summer there had been concern that the G-Cloud project had been abandoned and it was dismissed as ‘unnecessary’ by David Wilde, CIO for Westminster City Council earlier in 2011. But by the Autumn it soon became clear that the project was very much alive and well and on 18 October the government published the G-Cloud framework tender process, saying that the duration of the framework would be only six to nine months.
The G-Cloud framework is worth up to £60 million and aims to provide government departments with ‘pay as you go’ IT systems. Because there are less stringent financial history reporting requirements and a more open procedure with a simple spreadsheet of yes or no answers to mandatory questions rather that a lengthy pre-qualification questionnaire (PQQ), its appeal among SMEs is especially high.
The framework apparently asks suppliers what they can offer the government rather than dictating a complicated specification that stifles innovation, while services are provided on the supplier’s standard terms with a government overlay instead of demanding a unique crown contract.
This type of thinking is very much in line with the EU’s thoughts, as it is strongly pushing the open eGovernment services concept.
Tom Jowitt contributed to this report.