You are in:
Set the building blocks for secure data
Putting the pieces in place for secure communications is now more important than ever, writes Stephen Lewis, VP of Business Development at AEP Networks.
Transformational agenda
Like any commercial organisation, modern government (and its associated public departments) relies on accurate and timely information. Information sharing, management of identity and information assurance are therefore crucial. This means that core IT systems must be secure but they must also be convenient for those intended to use them. Making data available to a number of associated departments, to employees accessing remotely and to the citizens that are being served is a huge step forward in some regards but creates a whole range of issues to those focusing on the security of the data stored.
There has never been a greater need for information to be protected using encryption to prevent it from falling into the wrong hands. At the smae time, the drive to allow more efficient sharing of data and to encourage more effective team working has never been more compelling. The key is to deliver the same level of security throughout the systems which will enable all departments to work seamlessly together without compromising on security of data. Here, compatibility with security standards on the core infrastructure e.g. PNN 3, is essential.
Within the police forces, this also relates to the ability for officers to work from home and while out and about. Remote access is not a new concept but it requires a high level of security when the data being accessed is of a sensitive nature. Within the police force, there are other remote or mobile access requirements that demand a highly secure response as well as immediate availability.
When a major incident happens, the police (and other emergency services) need to be at the heart of the event, often in large numbers and always with all of their systems and communications in place. Sounds simple enough and the police are all too familiar with the procedures needed to set up a mobile incident room. It is the communications that often prove to be most challenging and the requirement for security that surrounds these major cases.
Getting up and running quickly is key so starting from scratch each time is not the solution. What is needed is a more plug and play, modular approach to mobile incident room systems so that everything is on hand quickly to enable the officers to do their job efficiently. Not only would this minimise the lead time for mobile units to set up the required systems, it would also dramatically cut the communications costs of supporting incident investigations.
Example; securing remote access at the G8 Summit
Heads of State and government officials from the world’s eight most powerful nations met in Scotland to discuss some of the biggest challenges facing the world today. The challenge for the 2005 G8 Summit’s many different agencies was to secure a remote access from other locations including the Media Centre at Gleneagles Hotel and various Command Centres.
Perth & Kinross Council decided the best way forward was to provide secure access to services via the internet using AEP Networks Netilla Security Platform. The Netilla Security Platform (NSP) was chosen due to its high level of security combined with ease and speed of deployment. By utilising its existing SSL VPN solution the applications required could be accessed securely through any web browser and with extremely low bandwidth requirements. Throughout the G8 Summit, key personnel successfully used the NSP for secure remote access to services and applications located at Perth & Kinross Council’s HQ.
Conclusion
There is more focus today on controlling who gets access to what information and what they are then able to do with it. The news coverage about security failures of recent months and years has focused the spotlight directly on availability of – and access to – sensitive data circulating in public sector organisations. At the same time, we are seeing the EU extolling the virtues of making public services more available over the internet. Having some form of central authentication is vital to ensure that those accessing data stores have the rights to do so and pose no threat to the security of the data. Sophisticated data encryption technologies should be used when data is being communicated over networks, be they local or wide.
All public organisations need to step up to the need for access and take the security threats very seriously. Perhaps the long anticipated Hannigan Report will clarify the rules and standards expected for the protection of personal data within government departments moving forward.
