Auth0 is excited to announce our inclusion into the Cloud Services Category of the G-Cloud 11 framework, part of the United Kingdom's official Digital Marketplace for the Public Sector. G-Cloud accreditation prequalifies Auth0 to participate in public sector tenders for critical software and security services. It is the gateway to servicing government departments (e.g. HMRC) and non-governmental agencies (such as Homes England and the NHS).
Auth0 has now been G-Cloud accredited for three years in a row to help make robust identity and authentication management a more accessible and seamless experience for public sector entities.
What is G-Cloud 11?
The G-Cloud 11 framework is a great example of what governments can do to make sure that public sector agencies have the ability to make informed and competitive choices regarding their cloud service providers (CSPs). It's an internal marketplace of pre-negotiated service terms, allowing agencies to avoid negotiating per-product contracts and providing transparency on CSP pricing models. This streamlines the tender process for public sector entities significantly, providing a base level of legal protection and price points to benchmark against.
The framework clearly outlines pricing structures, security protocols, cost, and platform compatibility among other qualities, serving as a central repository that makes it easy for public sector agencies across the United Kingdom to assess what cloud-based software tools are available to them.
G-Cloud 11 encourages agencies to make the best choices for their own use cases, allowing them to use implementations that might not have been feasible through a traditional government procurement system. Much like the private sector, software needs aren't one-size-fits-all in the public sector, so pre-approved pricing structures make it easier to try software at any scale.
As public sector agencies increasingly draw from the iterative approaches seen in the startup world, software experimentation and resulting productivity gains are becoming the norm. Inclusion on the G-Cloud 11 platform enables public agencies to evaluate a diverse set of tools and services to see what best fits their needs. It's clear that a centralized hub for pre-approved platforms and suppliers is a vital resource in allowing agencies to reduce the amount of time and money spent updating their workflows.
Recent Changes to G-Cloud Frameworks
The G-Cloud 11 framework is the 2019 update of the cloud services portion of the United Kingdom's Digital Marketplace. The Digital Marketplace is the central hub for approved services and suppliers across multiple public sector agencies across the United Kingdom, run by the Crown Commercial Service (CCS). The platform has a broad remit, ranging from booking physical spaces such as datacenters or research labs, to approved developers and auditors.
CCS took over management of the marketplace from the Government Digital Service (GDS) in April 2019. The agency's technology director Niall Quinn describes their work as "Digital Marketplace 2" and has said the Digital Marketplace will support at least the next iteration of G-Cloud. Beyond that, we may see additional or new frameworks as CCS seeks to better serve the complex and diverse public sector market.
G-Cloud 11 was preceded by G-Cloud 10, which has been made obsolete as a result of changes to contract regulations in G-Cloud 11. As a result, products and organizations that were approved under G-Cloud 10 were not guaranteed renewal on that basis, and every supplier had to reapply.
The latest iteration is largely similar to G-Cloud 10 but with a few significant changes. Against the backdrop of devastating data breaches (Facebook, Equifax, British Airways) and the one-year anniversary of GDPR, it's no surprise G-Cloud 11 includes more stringent cybersecurity requirements than its predecessors. As Sam Trendall of Public Technology notes, "One of the most significant alterations is an update to the warranties suppliers will be required to offer in regards to anti-virus and anti-malware technology." G-Cloud 11 also mandates that all firms on the framework implement the newest versions of security software and technology. Previous iterations have simply called for "all reasonable endeavours to prevent viruses and malware."
Another distinguishing feature of G-Cloud 11 over its predecessors is a stronger commitment to Corporate Social Responsibility. New clauses in the Supplier Code of Conduct require suppliers to guarantee "advance equality of opportunity and good relations between those with a protected characteristic in the workplace" and a supply chain that is free of slavery and human trafficking.
G-Cloud 11 features about 4,200 suppliers and nearly 31,100 services, both an increase over G-Cloud 10. CCS tracks spend data since the inception of G-Cloud in real time via their online dashboard.
Benefits of Identity Management in the Public Sector
The UK Public Sector is often criticised for being reactive to new technologies, a criticism that often doesn't take into account the complexities and sheer scale of the requirements of public sector organizations. The G-Cloud regime is an ambitious program designed to help streamline the procurement of and access to, the best in class CSPs — which in the world of identity, means Auth0.
Identity and access management are clearly critical issues for almost all public sector organizations, but adhering to the constantly changing standards is difficult when your organization is locked into a rigid software stack. Having the flexibility to pursue up-to-date software helps agencies be more responsive to changing security needs and threats.
Given the new G-Cloud 11 cybersecurity requirements, Auth0's ability to identify and protect against ever-evolving security threats and our agile development methodology ensures that our customers have accelerated access to security updates and enhancements to security standards. With our continued presence in the G-Cloud market, there is no reason why public sector organizations cannot also benefit from our expertise in this area.
Our accreditation once again on the G-Cloud platform underscores our commitment to democratizing access to our software and mainstream security practices, much like the platform itself aims to improve accessibility and choice to agencies across the United Kingdom.
Prioritizing security and strong identity management can be daunting at any scale, but relying on a centralized cloud management solution like Auth0 means that you can have the same product experience that security experts rely on. We believe that world-class security protections don't have to be reserved for elite companies or users, but that it is a fundamental public good that should be applied in broad contexts and accessed on platforms like the G-Cloud 11 framework.
Auth0's mission is to provide people with secure access to any application with one click or less. Whether you're a public sector agency, a small business owner, or a security-minded user, Auth0 helps ensure you can access the most up-to-date security standards with low overhead and a seamless user experience.
Questions? Please reach out to an Auth0 Resource.