Thought for the day: Leading by example

If local authorities such as Kent County Council can set up a safe and reliable VPN, why can't the big guns in the public sector...

New Asset  
If local authorities such as Kent County Council can set up a safe and reliable VPN, why can't the big guns in the public sector get the hang of joined-up government, asks Simon Moores.

 

 

 

August isn’t the best time to be writing about IT as anyone who can has escaped to the sun. I’m taking a short break as well, to return as programme director for next year’s eCrime Congress, so you can expect to read rather more about e-crime and punishment in the coming months.

Today, I see that NTA Monitor has released a report which reveals one in two government bodies have more than 10 vulnerabilities in their networks and that around 73% show worrying firewall lapses.

Does this come as a surprise? Certainly not, which possibly explains the reluctance on the part of government to respond positively to interview requests for the special report on trustworthy computing that Computer Weekly published in May.

In all fairness, many government agencies and departments take security very seriously. I visited Kent County Council last week to look at a secure virtual private network it has implemented using Windows Terminal Services to support access from remote workers using "personally owned" equipment.

Great idea, I thought, no loss of functionality and lots of strong firewall and token-based security, with no potential for sensitive information leakage to personal hard drives that might turn up at a car boot sale.

Having met with a number of local authorities this year, Kent’s example is certainly one to follow at a time when the public sector needs to think harder and more clearly about the security issues that surround the joined-up government agenda.

If security is one problem, then availability is another, and I see that www.inlandrevenue.gov.uk was unavailable from around 7:25am on Thursday 24 July to 6:55pm on Friday 25 July. The company that revealed this information also found that our friendly tax collection service and flagship of digital excellence resembled Alice in Wonderland’s Cheshire cat for visibility between 22 July and 29 July, when it was only available for a total of 38 hours, a proud record of 75% availability.

If this were a private-sector organisation of similar size, someone might be fired for such unreliability, but the uneasy relationship between services and the Treasury is vague at the best of times, and both the NHS and the Inland Revenue continue to lavish huge amounts of money on IT with little visible benefit.

Call me old-fashioned, but I think it's reasonable to expect the same levels of security and availability from the public sector as we do from the private sector, which is, of course, accountable to shareholders, rather than special committees.

Unfortunately, readers tell me that while a great deal of investment goes towards choosing the best solutions and procedures, it’s paperwork, poor management and rivalries that interfere with the end result, which is why we see £96m being spent on the NHS e-mail system and the Inland Revenue stumbles from one embarrassment to the next.

I wonder, if e-government was switched off during August and, like Parliament, went on holiday to Ibiza for a month, would anyone notice?

What do you think?

Do you know of a reliable government website?  Tell us in an e-mail >>  ComputerWeekly.com reserves the right to edit and publish answers on the website. Please state if your answer is not for publication.

Setting the world to rights with the collected thoughts and opinions of leading industry analyst Dr Simon Moores of Zentelligence.

Acting globally, Zentelligence (Research) advises governments, suppliers, business and the media on the evolution, application and delivery of leading-edge technologies and specialises in the areas of eGovernment and information security.

For further information on Zentelligence and its research, presentation and analyst services visit www.zentelligence.com

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close