Latest news
It is no secret that the UK Government is still running at a significant loss. It is therefore no surprise that organisations are having to cut costs, and for the public sector, this has fast become its mantra. The NHS, Children’s Services, Housing and Regeneration, Local Government, the Police Force - everywhere you turn there is a generic call to introduce changes that will save money.One popular initiative has seen many local councils consolidate their operations by co-locating their staff. NHS, education, council employees and others are all congregating together in one central location in an effort to reduce property costs. While on the surface this seems a practical solution, for the IT team it’s a logistical nightmare.
Physical connectivity
Imagine if you will, each department existing in its own locale. Part of the infrastructure would typically include a physical IT network. Just like a building has walls protecting the contents inside, the network too would have barriers, or gateways, to prevent external access.
As organisations come together, under one roof, so too do the networks on which they function and this is where the complexity begins.
Sticking with the physical building analogy, if you give someone a key to the front door, without a thought to the security within the building, then that person is free to roam all the floors, corridors, offices and potentially rifle through the unlocked drawers and filing cabinets within. Similarly, a physical network is made up of several layers and it’s reliant on someone physically locking all the areas, or compartments, to prevent unauthorised access.
It is imperative that a company controls which individual has access to which services, applications and information and from where. They also need to ensure that each individual is actually who they claim to be. While this sounds pretty straight forward, it can be very complex to manage without the right tools.
Before I continue its worth clarifying that inadequate data protection will get you into a whole heap of trouble. If you’re in any doubt a quick internet search of ‘public sector data breaches’ will bring up a long list of organisations that stand testament to the size of the problem, and the penalties they’ve incurred as a result.
Networkless connectivity
Instead of building separate physical or rigidly constructed networks for each organisation, one method that is gaining popularity is to create one network, and to control access to the services and data it houses at the point of entry.
Spotlight
Is it time to professionalize information security?
Posted on 23 May 2013. | The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate.
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
