Document Actions

CESG asserts security of open source software

The Guardian - It is wrong to believe that open source software is implicity insecure, according to the government's main official on the subject.

Qamar Yunus of CESG, the National Technical Authority for Information Assurance, made the assertion in outlining the guidance the organisation has produced on the subject at the EHI Live event in Birmingham.

"There was a myth being circulated around the SIs, saying you can't use open source software in government as it's not secure," Yunus told the conference, referring to the systems integrators that account for large amounts of government ICT spending.

To counter this, the Cabinet Office asked CESG, which works within GCHQ, to produce guidance on the subject. The result is already available to users of the Government Secure intranet, and will be published on the Cabinet Office website in the next couple of weeks.

"That document clearly states there is no difference between open source and proprietary software. That's one myth busted," Yunus said.