HMRC is to secure up to 7,000 laptops using Becrypt’s DISK Protect full disk encryption system, the first important government department to opt for a disk security system under the auspices of the more pragmatic Commercial Product Assurance (CPA) scheme.
The organisation finished a pilot assessment that saw 300 laptops protected using the software, reportedly warming to the faster deployment advantages of using a centrally-managed encryption system.
Almost the entire installed based of laptops will now be equipped with Becrypt, allowing some employees to start using mobile computers for the first time, Computerworld understands.
HMRC had previously used Becrypt’s encryption under the stringent CAPS (CESG Assisted Products Service) standard which imposes the highest possible security protocols on the installation and management of disk encryption.
The CPA replaces that with a more practical, less complex approach based on central key management of the sort that is now widely used elsewhere in the public and private sectors.
“We considered a need/use case and believe that the CPA solution is appropriate for these devices where we would have traditionally defaulted to the CAPS solution (CESG Assisted Products Service). The security is appropriate for the protective marking of these devices,” said HMRC head of service design, Stewart Weston-Lewis.
He put the savings gained by moving to a mainstream technology as £2.4 million based on the lower admin overheads and cheaper software costs.
“CPA does not compromise standards. It balances the security of the product to the risks it is exposed to,” he said.
Jonathan Hoyle, Director General for Government and Industry Cyber Security at GCHQ, stated was also enthusiastic about the more down-to-earth demands of CPA.
“We needed to ensure that we maintained a pragmatic level of security, ensuring UK Government can deliver its business whilst remaining safe against the likely risks we face. We are absolutely delighted with the experience and savings HMRC have found as a result of CPA, and we hope this will be repeated across other Government departments,” he said.
The choice of Becrypt was also helped by the software’s ability to perform the encryption-decryption without obvious performance degradation.