|
Local Authorities - The Case for a Secure Remote Access Managed ServiceBy Hytec Information Security
The Government strategy for ‘Transformational Government', published in November 2005, sets out how the effective use of technology can deliver improved services that meet the needs of citizens, businesses and elected officials. Furthermore, the relatively small ratio of IT support staff to users in most local authorities, when compared to the private sector, has seen a move to centralise IT even though remotely located users still need access to these resources.
From staff in schools and libraries to highways department project managers and even local councillors, these key remote users need access to the council's electronic systems.
However, with advent of Hytec's SecureAccess managed service, that has all changed. Authorities can now deliver remote access, without jeopardising their IT security, and at a manageable cost.
Hytec's
SecureAccess managed service utilises
authentication, firewall and encryption technology to provide
the benefits of secure remote access to councillors and authority
staff. The major advantage of this approach is that it does
not require the remote machine to have any security software
loaded on to it. All the security is host-side and access, once
the user is authenticated, can be from any remote machine or
laptop, even a PC in an Internet Café*. Because passwords are no longer considered to offer suitable protection on their own, Hytec's service utilises a strong two-factor authentication process to positively identify each user before granting access to protected information and resources.
Even if access is from a public machine, the authority's network will remain secure and nothing will be left on the remote machine once the session has ended. This is achieved by a Java applet, automatically downloaded to the remote client, which, at the end of each session, wipes clean anything that may have come down from the server and removes itself.
Calculating the return on investment of IT security is always a mix of avoiding negative outcomes, such as security breaches, and enabling a range of positive ones that may not be so immediately obvious.
Cost Savings and Benefits
Perhaps the single biggest saving with Hytec's SecureAccess managed service is that authorities no longer need to supply, manage and support an infrastructure of council-owned PCs, just to allow end-user remote access to the council's network. Authorised users can securely access council systems from their own homes, a remote office, a hotel or even an Internet Café*.
Once a user is configured there is little management required, saving an enormous number of IT administration hours. However perhaps one of the most pertinent cost saving is the future proofing of the Borough's infrastructure. With ever tightening budgets, implementing a solution that will grow easily and without requiring costly additional hardware is invaluable.
Councils also benefit from cost-savings associated with Internet connection charges, where established home workers use their own broadband service to securely access the council's network. Hytec's SecureAccess also supports staff homeworking schemes, enabling staff to work more productively whilst reducing costs associated with office accommodation and travelling time.
In addition to the benefits of improved service, continuity and reliability, many authorities now see the provision of systems, software and service through a managed services contract, rather than individual capital purchases, as crucially important.
This means they have the flexibility to procure systems as an operational expense, with consistent interval payments, rather than as capital expenditure with high ‘front-end' costs. With Hytec's managed services, all the ‘up front' hardware, software and implementation costs are spread equally over the service period. Indeed, Hytec's SecureAccess managed service provides significant savings, in the first year, over traditional capital procurement.
Remote Access and Flexible Working in Practice
County council A county council is using a remote access service to allow its councillors to access IT systems for filling out paperwork and giving local people access to council data and electronic services from any Internet-enabled location, such as public libraries and even Internet kiosks.
Borough council The majority of staff, at this council, are to begin working flexibly by April 2006. Under the council's change programme strategy, staff are being introduced to hotdesking and homeworking. The three- year strategy aims to reduce overheads and reduce administrative burdens on business managers. Two hundred staff will be enabled to “work flexibly in the field, at home and in generic work suites.” Under the plans, half of all council buildings will be used flexibly, disposed of or leased to other users.
Municipal authority A municipal authority which had previously set up a centralised IT service connecting its regional health centres via individual telephone lines and modems has saved considerable line rental costs and space by moving to an Internet-based SSL VPN remote access solution. The new system works from any Internet accessible location, so as an added benefit the municipal authority can set up mobile health clinics at short notice and with little additional IT related expense.
European flexible working regulations New flexible working regulations in one European country gives the right to parents with children under 6 to expect flexible working conditions such as teleworking. This has prompted one local authority to create a remote access solution that allows staff working in accounting, finance and human resources departments to access their work desktop via a secure Internet connection from home. Their broadband-enabled PCs at home are able to access all the council applications and files remotely and allows flexible working without compromising performance.
County council This county council began offering flexible working, in the form of “flexitime”, in the late 1970s and continues its programme today, aiming to reach an impressive desk-to-employee ration of just 3:5 by 2007.
A variety of working arrangements are offered to all staff, allowing them to tailor work to their post and lifestyle. This has an important impact on recruitment where it is very important to have something that attracts potential employees. Potential arrangements include term time working; flexible hours; mobile working; 9 day fortnights; packages that include two or more working styles; and hotdesking which has been particularly successful. A number of service teams have already reached a “virtual” state, working from any buildings or at home. These methods of working result in millions of pounds worth of savings – where a desk, exclusive of IT, costs around £6,000 a year.
Government agency A regional government agency that had invested in bespoke procurement and supply chain management software is reducing it's ongoing running costs by allowing similar agencies in neighbouring boroughs to share the system via an Internet-based remote access solution. With only one data centre shared between four remote user groups, all the agencies have benefited from a better solution with minimal IT support costs.
Access
for Councillors
As a minimum, elected officials require access to e-mail and those applications that hold all Committee Meeting minutes and notes. To date, this has been provided by home PCs and computers supplied by the authority specifically for this purpose, and broadband Internet connection.
With Hytec's managed service, councillors can be provided with secure remote access to their e-mail, information or documents held on the authority intranet or council applications and Microsoft Office tools.
With Hytec's service, it is no longer necessary to provide councillors with council PCs at home. Where previously councillors had to dial-in then wait between 20 and 40 minutes for a 150-page council document to download, with Hytec's service, access is immediate.
As a result, councillors can work more productively and the authority makes significant savings on capital expenditure, IT management and call costs.
Access for Council Staff
The benefits of flexible working or homeworking for employees, with secure remote access to the authority's network, could be huge productivity gains and savings on office accommodation and commuting time. In order to derive these benefits, a growing number of councils are investigating providing some employees with secure remote access to their email, calendars, shared files, policy and procedural documents on the council intranet and special authority applications.
For example, social care professionals, working in joint teams with colleagues from NHS Trusts, could, where authorised, access child protection, occupational therapy or other health data held in either council or NHS systems. M embers of the council IT team would be able to access the council's servers remotely from home, in order to respond to support issues, and remote field workers would be able to stay in touch with the office more easily.
For many workers, this will give them greater freedom in their jobs and contribute to their work/life balance. Many will enjoy less frequent journeys to work and the ability to continue working from home if their children are sick, even catch up on work when they are sick themselves, at weekends or on annual leave. Senior managers, whilst travelling away, will be able to keep on top of their normal workload through access to their email, applications and files.
Because Hytec's service does not require software to be pre-loaded on the user's PC, home workers do not need council equipment to get remote access – they can use their existing PC and broadband connection. Remote field workers can then stay in touch more easily with the office.
Hytec's SecureAccess Service
The Service SecureAccess is a three-year managed security service comprising 6 core elements:
Typically, the SSL VPN and authentication systems are installed on a client's network inside existing firewall defences. Management and monitoring are performed from Hytec's Remote Management Centre.
Simplicity of use Authorised users with access to a web browser - say from a home computer, a remote office or an Internet café - only need to type in the web address of the private network. Security then comes in the form of authentication and the built-in SSL security features of a standard web browser.
Strong authentication User authentication is achieved via RSA's world-leading SecurID appliance. This provides strong, 2-factor, authentication requiring a password or PIN and a personal authenticator device.
Granularity and integrity Secure access can be provided to different categories of users. Staff, customers or partners will be able to access applications for which they have access authority, without compromising the integrity of either applications or data.
Scalability As with all Hytec Managed Security Services, SecureAccess is scaleable and expandable to include other security components, such as:
* Assuming that Java Applet downloads are permitted.
Source: Hytec Information Security www.hytec.co.uk Back to Security Matters index
|
|
|||||||||||||
|
Hytec
Information Security Limited, Eynsham, near Oxford, UK
| tel. 01865 887428 | info@hytec.co.uk
|
|||||||||||||||
