Document Actions

GCHQ aims to tackle open source security clearance problem

Computer Weekly - UK security services have begun bridging the gap that has stopped open source software getting security clearance for use in government systems.

The initiative has come too late to stop the first big contract wins delivered under the government's flagship G-Cloud procurement vehicle going to a supplier that shunned open source products because they did not have security accreditation.

Open source suppliers meanwhile insist the certification block has not disallowed their software from government systems – but it has allowed proprietary suppliers to raise doubts over open source security. 

CESG, the IT security arm of Government Communications Headquarters (GCHQ), has begun working with an unnamed small UK business which has agreed to sponsor an open source virtual private network (VPN) system through its strenuous security clearances.

The small firm is the first open source supplier to break the impasse that has stopped open source software getting CESG security clearance.