Created on 18.11.2008
Improving service delivery without exposing public sector networks
Expectations regarding service delivery have risen dramatically in the past decade, on the back of technological advancements that have enabled organisations to overhaul many of their traditional working practices. The public sector is by no means exempt from this, and in some areas is now leading the way. For instance, a recent poll of public sector managers saw approximately 39 percent report that flexible working was indeed encouraged in their organisation*. This is very much in line with the ongoing ‘Transformational Government Strategy’ and places great emphasis on the need for organisations to become more agile, more responsive and better able to serve the public at large. Another key aspect of the strategy is joined-up service delivery – namely, allowing different public sector bodies to collaborate more closely, sharing resources and information to provide a higher standard of service.
Of course, these two initiatives go hand-in-hand with a more agile approach to IT, which unfortunately is now creating security problems for IT managers up and down the country. On the one hand, these managers are supposed to be facilitating new ways of working, while at the same time they’re supposed to be ramping up their security efforts, following a series of high-profile data breaches during 2008.
Perhaps the biggest headline-grabber is mobile device loss. As more laptops get used by public sector organisations for transporting/sharing sensitive data, the impact of losing these devices has grown immeasurably, thus explaining the public outcry in the event of any data loss.
Clearly laptop security must be a priority; however, it’s not just laptops that remove data from the walls of an organisation. IT managers are being called upon to extend network provision to mobile workers and neighbouring organisations, allowing these users to log into the network and access data irrespective of their location. Unfortunately, this often means lowering security measures, a situation clearly unacceptable given the sensitive nature of the information, which can include medical records, contact details, employment history, and even bank details. For this reason, public sector networks are also a prime target for financially-motivated computer hackers, who can take advantage of unsecured desktop PCs or laptops in order to gain unauthorised network access, usually by exploiting software or operating system vulnerabilities on the machine using malware, spyware or Trojan horses. It only takes one virus-infected computer to jeopardise an entire network, and should the hacker succeed, it could result in both financial loss and severe reputational damage at both a local and nationwide level.
It is therefore vital that IT managers retain the ability to control who can access the network, restricting the use of any machines that may be compromised or susceptible to attack. This requires network visibility – never easy to achieve – as well as an automated means of checking each machine prior to granting network access.
Network Access Control (NAC) uptake has been steadily increasing throughout the education sector in recent years, with awareness now spreading to other areas of the public sector. NAC gives IT managers the power to swiftly create and enforce security polices across the entire network, regardless of the user’s location or the device from which they’re attempting to login. Essentially, NAC will judge if a particular user – whether internal, remote or a visitor – trying to access to a certain part of the network is compliant with the pre-defined security policies. If they’re compliant, then they’re allowed on; if not, they’re either denied access or given a series of remedial options designed to make their device compliant.
On a practical level, this involves taking each user to a login portal and giving their device a ‘medical’ prior to access, checking they have anti-virus, security patches and any other required software updates. It sounds simple, but the surprising truth is that currently a huge number of organisations have no such means of preventing users from connecting to the network. Yes, many of them will require usernames and passwords to logon, but only NAC will ensure that both user and machine have the required security credentials. Furthermore, NAC provides much-needed identity management capabilities, so that organisations know who is accessing the network at any time, and can limit the data available to different users so that the risk of it being compromised is dramatically reduced.
As fears over data security grow ever higher, it’s vital that public sector organisations act now to safeguard their networks against the threat of unauthorised access – after all, too many more breaches and no one is going to want to part with their personal data in the first place, thus jeopardising no end of joined-up government initiatives.
*National School of Government and Ashridge Business School - Public Management - October 08
For further information on how KHIPU and our NAC offerring has helped organisations secure their networks, please contact us.
About Khipu Networks
Khipu Networks is a UK-based advanced systems integrator, focusing on supplying innovative secure compliant infrastructure solutions across the public and private sector. The company is a leading adopter of new and best-in-breed technology – expert technical staff ensure that customers get the solutions they need, when they want them and how they need them. The ethos is to ensure that the customer has the edge on the security and compliance of their network and not the attacker. Hampshire based Khipu Networks Ltd is the security division of the White Clarke Group of companies. Khipu Networks is an Alcatel-Lucent Direct Partner (specialists in wireless) and the exclusive reseller of Bradford Campus Manager in the UK and Ireland. Khipu was also awarded Alcatel-Lucent Business Partner of the Year 2008. www.khipu-networks.com.
Bradford Networks - International Channel Partner of the Year for 2007/08
For further information, please contact Khipu:
- T: 0845 2720900
- Register Your Interest and one of our consultants will contact you. Click Here
Khipu Networks Limited
