Security at the heart of museum's IT update

Delivering unified threat management was a priority for the infrastructure upgrade that's part of the Museum of Contemporary Art's redevelopment

A museum is one of the last places I'd expect to hear about a massive IT project but a major AUD$53 million redevelopment at the Museum of Contemporary Art (MCA) in Sydney infrastructure will delver an environment where visual technology will be deployed for the benefit of artists, visitors and employees. The IT component of the MCA's redevelopment is being run by Euan Upston, Chief Operating Officer. While moving all that data and providing access to myriad services is a difficult task Upston is also taking a careful look at the MCA's security.

“As an internationally renowned museum, we have a need to protect our reputation and this requires the highest levels of IP and IT security. As a business, we don’t function without IT and IT security is a business imperative. We can’t afford to suffer hack attacks and this will become even more evident in our expanded building next year when network availability will become even more necessary.” says Upston.

Three years ago, Upston identified that the existing security infrastructure was not going to scale with the MCA's growth and redevelopment. “We had the usual corporate security requirements for finance and management users, as well as remote access to systems and email. At the same time, we had additional dynamic requirements from users of the MCA’s venues where we might run VoIP and web access for an auction for Sotheby’s, full streaming video for a conference or software launch, or just plain internet or video conferencing for a meeting or seminar. In addition, the kind of protection you might expect a museum to apply to its physical assets, we needed to apply to our digital assets of more than 11,000 works of art.”

At the heart of any successful IT project is a well understood set of requirements. Upston knew exactly what he was after following the review. He was looking for an appliance that offered full threat management capability, failover features and a very flexible and configurable platform in support of a high level of security. “For example, we have had access requests for requirements from monitoring the position of the sun live for the Korean Biennale through to accessing a web server for live updates on a work of art where interactive wireless helmets were used in helmets on bicycles and where the experience involved riding around The Rocks precinct and engaging with the exhibit depending on location and GPS coordinates,” says Upston.

Upston looked at the market and commissioned an external consultant to support that review. The result was a decision to replace the separate pieces of security equipment and replace them with a unified threat management system. Ultimately, Upston chose appliances from WatchGuard that supported Layer 7 firewalling capability with deep packet inspection.

The MCA took a phased approach to this shift. After the initial review, Upston had the old security infrastructure replaced by a new appliance - WatchGuard Firebox x550e. Once the MCA's redevelopment is complete in 2012, that device will be replaced with a pair of WatchGuard XTM5 appliances running in High Availability mode in order to ensure that security is maintained in the event of a device failing.

During the MCA's redevelopment, many staff have been temporally relocated to alternative office arrangements within the confines of a virtual private network. As well as having a secondary office location, staff are able to work remotely as the new security systems allow staff to remotely access the corporate server and work securely from home. This in turn has boosted workplace productivity, reinforced business continuity and supported the organisation’s green credentials.

Read more on Privacy and data protection