TechnologyAccounting SoftwareSecurity accreditation on trial

Security accreditation on trial

The government is set to trial an IT security accreditation that it hopes will assure both the private and public sectors that software companies, which sell products such as antivirus software and firewalls, meet quality standards.

Link: Hack attacks and spam set to increase

The accreditation scheme – similar to the familiar kitemark – may allay fears over the increasing amount of spam that clogs email inboxes and malicious attacks against IT systems.

Accountancy Age’s sister publication, Computing, has been calling for such a programme for the past two years as part of its Trust campaign. The Cabinet Office’s central sponsor for information assurance (CSIA) group, which coordinates information security projects across government, will trail the ‘Claims Test Mark’ scheme before the end of the year.

‘What we are trying to replicate is the Ronseal test, where a product does exactly what it says on the tin,’ said Harvey Mattinson, head of accreditation at the CSIA.

The accreditation scheme will primarily be focused on helping government departments, agencies and local authorities select information security products such as anti-virus software, firewalls and disk encryption.

‘The accreditation process will take weeks, rather than months or years,’ CSIA director Dr Stephen Marsh said.

‘With certain products and services, you need to have this kind of pace, as threats can change so rapidly.’ Vendor products submitted for review will be measured for security, integrity and ease of use, with the CSIA hoping to measure against BS and ISO 7799 standards in the future.

The CSIA-led General Information Assurance Products and Services Initiative will run the scheme and hopes it will provide private sector businesses with a way of gauging the quality of the product they are buying.

The CSIA is working with the United Kingdom Accreditation Service and CESG, the GCHQ-run national technical authority for information assurance, to establish a number of independent test centres and assessment criteria.

‘In principle this is a good idea, as it gives people standards they can understand and suppliers something they can strive towards,’ said Beatrice Rogers, head of private sector at IT industry body Intellect. ‘But the government needs to make it clear what accreditation means.’

‘With the ABTA stamp, consumers know if an airline collapses they’re likely to be protected. ‘Likewise, the government needs to make clear what accreditation means for both the client and the vendor adopting it,’ she said.

Just last month, an Ernst & Young survey highlighted concerns about the level of awareness about information security among businesses across the globe.

Nearly three-quarters of the 1,200 organisations questioned failed to list training and raising employee awareness of information security issues a top priority.

One in three respondents that had outsourced their IT operations said that they had not conducted a regular check on their IT providers to monitor compliance with information security policies.

Related Articles

5 key tech innovations helping accountants transform their businesses

Accounting Software 5 key tech innovations helping accountants transform their businesses

3w Heather Darnell, Founder of Ask the BOSS
Finance and the tech foundation: what’s needed to deliver impactful business insights?

Accounting Software Finance and the tech foundation: what’s needed to deliver impactful business insights?

3m Workday | Sponsored
Best accounting software for businesses in the UK

Accounting Software Best accounting software for businesses in the UK

3m Accountancy Age, Reporters
Making sense of enterprise tech concepts for finance teams

Accounting Software Making sense of enterprise tech concepts for finance teams

4m Workday | Sponsored
Open Banking: what you need to know

Accounting Software Open Banking: what you need to know

4m Edward Berks, Xero
Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

6m Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

10m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

10m Alia Shoaib, Reporter