Airwave Service Government Security Classifications Guidance

Similar documents
RELEVANT ELECTRICAL STANDARDS

SETTING UP YOUR OWN LEGAL BUSINESS

Business radio light licence application form OfW432

Safety related product corrective action

Application Form for a GNSS Repeater Licence

Human Rights Risk Tool for Seafood. Helen Duggan, Head of Responsible Sourcing, Seafish

THE USE OF A SAFETY CASE APPROACH TO SUPPORT DECISION MAKING IN DESIGN

Not Protectively Marke d. MPS FOIA Disclosure. Home Office. National ANPR Standards for Policing : Part 1 - Data Standards. Version 5.

Seychelles Civil Aviation Authority SAFETY NOTICE. Coding and registration of Seychelles 406 Mhz Emergency Locator Transmitters (ELTs)

Section 20 NATIONAL POLICE ONLY MUTUAL AID TALKGROUPS: PMA 71 75

Frontier Technology Futures: Support to the DFID Bangladesh Country Office

GOVERNING BODY MEETING in Public 25 April 2018 Agenda Item 3.2

Innovation Office. Intellectual Property at the Nelson Mandela University: A Brief Introduction. Creating value for tomorrow

IAB Europe Guidance THE DEFINITION OF PERSONAL DATA. IAB Europe GDPR Implementation Working Group WHITE PAPER

TETRA and Critical Communications Association (TCCA) response to Ofcom 700 MHz consultation

RELEVANT ELECTRICAL STANDARDS

A matrix tool for assessing the performance of intelligent buildings

Frequently Asked Questions

Standard and guidance for the creation, compilation, transfer and deposition of archaeological archives

National Grid s commitments when undertaking works in the UK. Our stakeholder, community and amenity policy

Engaging UK Climate Service Providers a series of workshops in November 2014

ActionCAD. ActionCAD provides a professional service to the Construction Industry

Australian/New Zealand Standard

Getting the evidence: Using research in policy making

CAPITAL GRANTS PROGRAMME

Office for Nuclear Regulation

At its meeting on 18 May 2016, the Permanent Representatives Committee noted the unanimous agreement on the above conclusions.

Patient and Community Engagement Indicator (Compliance with statutory guidance on patient and public participation in commissioning health and care)

TPS 66. Edition 2 March TPS 66 / Edition: 2 Page 1 of 10

Methodology for Agent-Oriented Software

QUESTIONS AND ANSWERS

The pro bono work of solicitors. PC Holder Survey 2015

2. Summary of Main Points 2.1. An enhanced Airwave (or some alternative national system) is vital to public safety and will remain so in future.

Annual Card Audit: 2013

Corporate slide master

International Forensic Services

GROUND SOURCE HEAT PUMPS LINKED TO SHARED GROUND ARRAYS FOR NEW BUILD RESIDENCES

BROADCASTING (RADIO MULTIPLEX SERVICES) BILL EXPLANATORY NOTES

Orkney Electricity Network Reinforcement Stakeholder Consultation Response. August 2014

Transmission Innovation Strategy

The Nagoya Protocol: Compliance. Implications of the E.U. law for Microbiologists

Justice Sub-Committee on Policing. Police Scotland s digital data and ICT strategy. Written submission from Police Scotland

Office for Nuclear Regulation

Information Governance Policy

FINAL DOCUMENT. Title: Medical Devices Post Market Surveillance: Content of Field Safety Notices. Endorsed by: The Global Harmonization Task Force

TYPE APPROVAL PROCEDURE

ISO Transition Update Question and Answers

Further Consultation on the Release of the / MHz Sub-band

THE UNIVERSITY OF AUCKLAND INTELLECTUAL PROPERTY CREATED BY STAFF AND STUDENTS POLICY Organisation & Governance

DNVGL-CP-0338 Edition October 2015

Presenter: Dr Helen Bandey (Editor)

Westlaw UK For law firms. The online legal research tool that helps you build the strongest arguments.

Fact Sheet IP specificities in research for the benefit of SMEs

Midlands aerospace cluster

ATAS guidance. If you are a new student then your offer information should say whether or not you need an ATAS certificate.

Cancer. Overview. average 2 It is also important to remember that this assessment is relative: a CCG might make improvements on all

GSA SUMMARY REPORT OF EQUALITY CONSIDERATION AND ASSESSMENT OF EQUALITY IMPACT. PGT Ethics Policy. New: Existing/Reviewed: Revised/Updated:

Your response. Our case is set out in the attachment below:

DEFENSIVE PUBLICATION IN FRANCE

Tier 4 Workbook Tier 4 Online Application

JOB PROFILE. Corporate Communications Team Leader (Change Programme) Stratford upon Avon

Ofcom Call for Information on Promoting Investment and Innovation in the Internet of Things Response from Ericsson Ltd October 2014

Policy for CCG Engagement with the Pharmaceutical Industry

Office for Nuclear Regulation

Experience the future of public service communications today. Smart Mobile

Identification and recording of 'hot' sites - joint procedure for Electricity Industry and Communications Network Providers

Type Approval JANUARY The electronic pdf version of this document found through is the officially binding version

Presented by JOHN RAVLIC Ravim RBC

JOB APPLICATION FORM. Post Applied for: Address: Postcode: Letters Numbers. Home Telephone N o : National Insurance N o : Daytime Telephone N o :

Technology and Innovation in the NHS Scottish Health Innovations Ltd

Policing in the 21 st Century. Response from the Royal Academy of Engineering to the Home Affairs Select Committee

INFORMATION SHARING INSIGHTS

Proposals for Liberalisation and Simplification for Business Radio Licensing and pricing

Economic Contribution Study: An Approach to the Economic Assessment of Arts & Creative Industries in Scotland. Executive Summary June 2012

Venturing into contracting?

For consideration at the Executive Committee meeting on 6 June 2016.

Serial Numbering Of Smart Type Electricity Meters From January 2013

2

FINAL proposal for Scope, Business Plan and initial Work Programme

Arrangements for: National Progression Award in Food Manufacture (SCQF level 6) Group Award Code: GF4N 46. Validation date: July 2012

Immigration and International Student Advice: Tier 4 (General) entry clearance application form. Applying for Tier 4 (General) visa from overseas 2017

Disposing of objects you may not own

Most of us will have heard of Open Data. Many of us are working to implement it.

Anonymous registration: Supporting survivors of domestic abuse to register to vote

CURRICULUM VITAE. Alastair David Maclean. Senior leader with considerable commercial and change management experience

Variation Form for a Business Radio Area Defined Licence

EDS LV ELECTRICAL SERVICE DRAWINGS

Case Study HYDRO-COAT: Duly protecting research project results

Consumer and Community Participation Policy

Asia Pacific UK Cross border transactions. Corporate Finance PRECISE. PROVEN. PERFORMANCE.

Making It Your Own A PUBLIC ART POLICY AND PLANNING TEMPLATE. Arts North West Creative Opportunities 2012

21. HOT-DIP GALVANIZED COATING GUARANTEES

PROPOSED DOCUMENT. Global Harmonization Task Force. Title: Medical Devices: Post Market Surveillance: Content of Field Safety Notices

Marine planning and aquaculture. Stacey Clarke

Research Specification: understanding consumer experience of first tier complaints

Patient Choice and Resource Allocation Policy. NHS South Warwickshire Clinical Commissioning Group (the CCG)

Manumix Part 2. Action Plan. Welsh Government

FREQUENTLY ASKED QUESTIONS

Guide for Short Term Study visa applications

Airwave Service Business Benefits Summary

Transcription:

Airwave Service Government Security Classifications Guidance Author: John Stark, Head of Communications Security Home Office Airwave Management Team john.stark@homeoffice.gsi.gov.uk 07718 805804 Enquiries: AirwaveSecurity.Advice@homeoffice.gsi.gov.uk Date: 07 Mar 14 Version: Issue 1.0

Introduction On 2 nd April 2014, the new Government Security Classification Policy (GSCP) will come into force. It will replace the extant Government Protective Marking Scheme (GPMS) with a simplified system which classifies HMG information assets into three types: OFFICIAL, SECRET and TOP SECRET. The new policy will apply to all information that government collects, stores, processes, generates or shares to deliver services and conduct business, including information received from or exchanged with external partners. Further information on the new policy is available on the gov.uk website via the following link: https://www.gov.uk/government/publications/government-security-classifications The Airwave service is a national system with a wide and diverse user community. Not all Airwave user organisations will be adopting the new GSCP at the same. This means that, post 02 Apr 14, there will be Airwave related information that is protectively marked under the extant GPMS or that is classified under the new GSCP. However; the Airwave service itself as a legacy system, will continue to be accredited to GPMS RESTRICTED. Purpose & Scope of this Document The purpose of this document is to provide guidance to the Airwave community on how to handle Airwave related information following the introduction of GSCP. This guidance applies to any organisation that receives or generates information about the Airwave service, including but not limited to: Airwave service contract holders and relevant government departments; Airwave service user organisations; and Airwave service suppliers, equipment manufacturers and contractors. The document contains high level key points to remember plus a set of frequently asked questions (FAQs). Key Points to Remember 1. From 2 nd April 2014, the Airwave service will continue to be accredited to the GPMS level of RESTRICTED. 2. Airwave related information will still need to be protected in the same way as it is now. 3. The core Airwave service will remain suitable for protecting traffic up to and including RESTRICTED under the legacy protective marking scheme. 4. Whilst there is no strict read-across from the extant GPMS to the new GSCP, the Airwave Lead Accreditor considers the Airwave service to be suitable for protecting traffic in the OFFICIAL tier of the new GSCP (i.e. OFFICIAL and OFFICIAL SENSITIVE). 5. Airwave user organisations are adopting the GSCP at different speeds; therefore, you will see Airwave related information protectively marked under both GPMS and GSCP. 6. Consequently, information about the Airwave service that you circulate outside your organisation must always clearly show its classification. For the avoidance of doubt on the part of the receiving organisation, it should also be annotated with clear handling instructions. 7. Existing documentation and central policies related to the Airwave service are not initially being re-classified; although, when policies are reviewed, they may be re-issued under GSCP. For example, the Airwave service Code of Practice is currently issued as NOT PROTECTIVELY MARKED under GPMS when it is reviewed and re-issued, it will be classified as OFFICIAL. March 2014 Airwave Service Government Security Classifications Guidance Page 2

Frequently Asked Questions Airwave user community and adoption of the new GSCP 1. Does our user organisation have to adopt the new GSCP in order to continue using the Airwave service? No. However, your organisation may receive information about the Airwave service that is protectively marked using the new GSCP and must therefore, be aware of how to handle the information. 2. Which organisations that use the Airwave service will be adopting the new GSCP and when? The table below provides an indication (as known at this time) of when major user groups and government organisations will be applying the principles of GSCP for the purposes of Airwave. The list is not exhaustive and is subject to change. Organisation UK central government departments including Home Office Date 2 nd April 2014 HMRC 2 nd April 2014 MoD 2 nd April 2014 Police Forces in England and Wales Planned for October 2014 Police Service of Scotland Ambulance Services in England and Wales Scottish Ambulance Service Fire and Rescue Services in England and Wales Scottish Fire and Rescue Service 3. Is Airwave Solutions Ltd going to be adopting the new GSCP? As a commercial entity, Airwave Solutions Ltd is not bound by the new Government Security Classification Policy. However, Airwave Solutions Ltd (ASL) will need to generate and handle information that may be protectively marked using the new GSCP and will therefore, need to abide by the relevant handling guidance for any information at the new protective markings. It is anticipated that due to the different pace at which its customer base will be adopting the GSCP, ASL will continue to utilise the extant GPMS for an extended period of time. Using the Airwave service with the new GSCP 4. What level of protectively marked information can be passed across the Airwave network? The Airwave service is accredited to carry traffic up to and including the extant GPMS level of RESTRICTED; this remains unchanged. The Airwave Lead Accreditor has determined the Airwave service to be suitable for traffic in the OFFICIAL and OFFICIAL SENSITIVE tier of the new GSCP. March 2014 Airwave Service Government Security Classifications Guidance Page 3

Policy and documentation about the Airwave service 5. Existing central policies and documentation such as the Airwave Service Code of Connection and Airwave Service Code of Practice are all based on the extant GPMS. Are these going to be updated in line with the new GSCP? There is no intention to update any current policies or documentation in line with the new GSCP. Subsequent versions of the central policies and documentation may need to be amended to reflect the new GSCP, dependent on which organisation creates and issues them. For example, if the Home Office issues a document, it must be classified under the new GSCP as the Home Office will be adopting the new GSCP with effect from 02 Apr 14. Handling information about the Airwave service 6. What protective marking should I apply to information about the Airwave service? This is dependent on whether your organisation has adopted the new GSCP. If your organisation has adopted the new GSCP, follow the guidance given in the answer to question 7. If not, you should continue to apply the same markings you would have used under the extant GPMS. Handling information about the Airwave service for organisations that have adopted the new GSCP 7. What protective marking should I apply to information about the Airwave service under the new GSCP? There is no strict read-across between the extant GPMS and the new GSCP. In general terms though, most information about the Airwave service should be classified as OFFICIAL or OFFICIAL SENSITIVE. Appendix A contains a summary of common legacy protective markings for different types of information about the Airwave service; it should not be treated as an exhaustive list. 8. What controls should I apply to information about the Airwave service under the new GSCP? e.g. can I send the information outside my organisation using internet email? Unless the originator has instructed otherwise, you should apply the controls that are required under your organisation's information handling policy. Proportionate good practice will need to be applied in order to protect against compromise. More information on the controls to be applied to the OFFICIAL tier of the new GSCP is available on the Gov.uk website via the link provided in this document s introduction. It is strongly advised that originators of information annotate their documents with handling instructions. This will ensure the receiving organisation whether it has adopted the new GSCP or not is in no doubt as to how to handle the information. 9. How should I handle NOT PROTECTIVELY MARKED or Unclassified information I receive about the Airwave service under the new GSCP? Unless the originator has instructed otherwise, NOT PROTECTIVELY MARKED or Unclassified information about the Airwave service must be handled as OFFICIAL information. March 2014 Airwave Service Government Security Classifications Guidance Page 4

10. How should I handle PROTECT information I receive about the Airwave service under the new GSCP? Unless the originator has instructed otherwise, PROTECT information about the Airwave service must be handled as OFFICIAL information. 11. How should I handle RESTRICTED information I receive about the Airwave service under the new GSCP? Unless the originator has instructed otherwise, RESTRICTED information about the Airwave service must be handled as OFFICIAL SENSITIVE information. 12. How should I handle information from Airwave Solutions Ltd or other 3 rd party suppliers about the Airwave service that does not have a protective marking under the legacy GPMS? Unless the originator has instructed otherwise, information from Airwave Solutions Ltd or other 3 rd party suppliers about the Airwave service must be handled as OFFICIAL information where no protective marking has been applied. Information marked by the supplier as Airwave in confidence or commercially sensitive should be handled as OFFICIAL SENSITIVE information unless your organisations information handling policy states otherwise. Note that some information about the Airwave service is intentionally in the public domain and therefore, should not be subject to strict handling controls, e.g. the information on the Airwave website or in marketing information provided by Airwave Solutions Ltd or other 3 rd party suppliers. If you are unsure, contact the originator of the information for advice on sharing this information. 13. Our organisation has determined that under the new GSCP, it will not routinely mark OFFICIAL documentation. What should we do with information we generate about the Airwave service? The Airwave service is used by a large number of public sector and private organisations, many of which will not be adopting the new GSCP on 2 nd April 2014 (or in some cases not at all). Without a protective marking explicitly written on a document, the document may be treated as NOT PROTECTIVELY MARKED or Unclassified, therefore best practice will be to always protectively mark information about the Airwave service. Information about the Airwave service should be protectively marked with the appropriate classification under either the extant GPMS or the new GSCP. As a minimum, a protective marking under the new GSCP must be applied to information about the Airwave service that is to be circulated outside your organisation. 14. Our organisation already has information about the Airwave service that is marked using the extant GPMS. Do we have to re-classify this information in line with the new GSCP? No. Existing information does not need to have the new GSCP applied to it retrospectively. Unless the originator has instructed otherwise, the information must be handled in line with your organisation s information handling policy. March 2014 Airwave Service Government Security Classifications Guidance Page 5

Handling information about the Airwave service for organisations that will continue to use the GPMS 15. How should I handle OFFICIAL information I receive about the Airwave service? Unless the originator has indicated otherwise, OFFICIAL information about the Airwave Service should be handled as NOT PROTECTIVELY MARKED or Unclassified information in line with your organisations information handling policy. Unless the originator has indicated otherwise, this information must only be used for official purposes by the recipient, and should not be released to the public. If unsure, please refer to Appendix A for a summary of common legacy protective markings for different types of information about the Airwave service or refer to the originator. 16. How should I handle OFFICIAL SENSITIVE information I receive about the Airwave service? Unless the originator has indicated otherwise, OFFICIAL SENSITIVE information about the Airwave Service should be handled as RESTRICTED information in line with your organisations information handling policy. If unsure, please refer to Appendix A for a summary of common legacy protective markings for different types of information about the Airwave service, or refer to the originator. Queries 17. Who do I contact to query document classifications and / handling requirements? In the first instance, you should always contact the document owner. Alternatively, contact the Home Office Airwave Management Team via the details on the front cover of the document. March 2014 Airwave Service Government Security Classifications Guidance Page 6

APPENDIX A: AIRWAVE SERVICE Extant Protective Markings Type of Information / Asset General Maximum Extant Protective Marking Likely GSCP Marking Existence of Airwave service NOT PROTECTIVELY MARKED OFFICIAL (public info) Programme plans, reports and other programme related documentation RESTRICTED OFFICIAL - SENSITIVE Terminals Air Interface Terminal Security Target UK RESTRICTED UK OFFICIAL - SENSITIVE Design specifications and technical implementation methodology for security measures in Air Interface Encrypted radios and data terminals RESTRICTED OFFICIAL SENSITIVE Defective Air Interface Encrypted radio terminal RESTRICTED OFFICIAL SENSITIVE Operational Air Interface Encrypted radio terminal NOT PROTECTIVELY MARKED OFFICIAL Vanilla Air Interface Encrypted radio terminal (i.e. no configuration information) NOT PROTECTIVELY MARKED OFFICIAL Network Network assigned ISSI address range NOT PROTECTIVELY MARKED OFFICIAL Geographical data about Airwave base station sites NOTE: to meet the requirements of Ofcom, some specific geographical information about Airwave base stations is in the public domain. Information about Airwave base station sites containing configuration details about the network design RESTRICTED RESTRICTED OFFICIAL (some public info) OFFICIAL SENSITIVE Geographical information about Airwave infrastructure sites RESTRICTED OFFICIAL SENSITIVE Key Management Baseline service Details of encryption key length and key management procedures RESTRICTED OFFICIAL SENSITIVE Air Interface Airwave key material RESTRICTED OFFICIAL SENSITIVE User Information Individual ISSI or GSSI NOT PROTECTIVELY MARKED OFFICIAL ISSI / GSSI list associated with a single organisation PROTECT OFFICIAL National ISSI / GSSI list associated with multiple organisations RESTRICTED OFFICIAL SENSITIVE Identification of users, user organisations and their respective locations RESTRICTED OFFICIAL SENSITIVE NOTE 1: NOTE 2: NOTE 3: Some additional protective marking caveats apply to Terminals and Key Management information under the extant GPMS. These caveats are detailed in the Airwave Service Code of Practice for Radio Terminals. ISSI = Individual Short Subscriber Identity GSSI = Group Short Subscriber Identity March 2014 Airwave Service Government Security Classifications Guidance Pa

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback