Me

No User

You must log in to access your account.

Open Source Security and Governance

Group Avatar Thumbnail

Open Source Security and Governance Avatar

Admins

Description

Utilising and harnessing the power of Open Source and GNU projects, tools and philosophies to secure legacy networks and provide governance / regulatory assurance.

Members (16) See All »

Group Wire See All »

  • On September 24, 2009 Gary Marston said:

    A loosely related thread whilst it’s fresh in my mind.

    It would appear that the ICO and Audit Commission are recruiting, arming and preparing a campaign to draft and share explicit protocol for data handling with a view to sterner measures for enforcing penalties for non compliance. The general consensus appears to be that the consequences for data breaches will be far greater than a slap on the wrist moving forward.

    We working on a proposal from an authoritative figure both on the subject and integral to the process who is familiar with the implications related to electronic forms, digital signatures and securiing data. Public Sector Forums will in association coordinate dedicated sessions so we will hope to publish dates as soon as they are fixed.

    This weaves threads from the really positive feedback / references to Ian Cuddies log of Data Breaches for 2009 that provides a solid platform to build on. General feedback relates to it supporting campaigns for improved awareness for data handling across organisations….not least from HMRC’s Head of Internal Communications.

    Ian’s log can be found here - http://www.publicsectorforums.co.uk/page.cfm?pageID=5836

    Regards,

    Gary

  • On August 9, 2009 Richard Morrell said:

    Does OSS enhance security within corporate governance within the public sector ?

    The theory is (and it’s one I agree with entirely) that millions of pairs of eyes looking at OSS code make a far better environment than a proprietary platform where a producing software developer has a limited base of coders and a release window/cycle that is often impacted by latency in other dependent runtimes or reliant applications.

    The traditional model of open CVS and the manner in which Bugtraq/Launchpad etc allow us as developers, users, administrators and adoptors of OSS allows us to react quicker and better for all dev/test environments. Often impacted on live and always allowing us to react faster than traditional ”Cathedral” methods of development.

    The question remains that as many local government departments adopt OSS is the factor of enhanced security because of peer review accepted as a pro or a con.

    In the corridors of power within Government where I often find myself the jury is out.

    Would be interested in hearing your opinions.

    Richard