Government unified communications: Efficiency and security challenges

Unified communications in government agencies can boost productivity, but agencies must take special security precautions.

The takeaway: Unified communications for government agencies can result in savings and increased efficiency -- but only if public sector organisations can address the unique security and compliance concerns in government unified communications.

The initial draw for social landlord Newport City Homes to implement unified communications (UC) was similar to most public and private sector organisations that deploy IP-based alternatives to conventional PBX systems: dramatically lower implementation costs and administrative expenses.

In fact, Nigel Ward, IS developer for Newport City Homes -- an agency that manages the city housing for more than 9,500 residents -- puts those savings at  £50,000 for the initial setup and 30% for ongoing IT support costs of a softswitch versus a traditional key telephone system.

Newport City Homes joins a growing list of public and private sector agencies making the migration to feature-rich unified communications technology. Market research firm International Data Corporation (IDC) forecasts that the UC and collaboration (UCC) market in Europe, the Middle East and Africa (EMEA) will grow to nearly $17 billion by 2015 from $6 billion last year.

Yet as compelling as UCC technology can be, the public sector faces unique security and compliance requirements to protect the sensitive data that can be exposed in a collaborative setting.

Security concerns in government unified communications

Newport City Homes deployed Microsoft OCS (since rebranded as Microsoft Lync) in conjunction with Aspect's Unified IP contact centre and immediately found increased efficiency in the customer service and call centre operations. In particular, Ward noted the system's presence feature allows call centre personnel to find the most appropriate resource to resolve an issue, which in many cases is someone who does not have direct contact with the public. But in doing that, the web of people and devices that had access to customer data grew.

Newport City Homes' answer was to tightly integrate the Aspect platform and Microsoft OCS/Lync,. This integration allows Windows authentication to kick in whenever a user accesses critical data.

But governments around the world are putting more pressure on civilian agencies and private sector partners to meet exacting standards, said Martin Sugden, CEO of Boldon James , an information security company and integrator. These measures go beyond piecemeal access management and encryption solutions.

In response, some agencies are using ultra-secure, military-grade messaging protections, such as flash messaging and military-grade file encryption. Boldon James, for example, offers a product called SAFEmail, which provides security checks for inbound and outbound messages in a collaboration environment based on individually set policy.

Creating a common standard for military-grade secure messaging

To address the need for shared secure messaging communications across all public sector collaboration settings, the Transglobal Secure Collaboration Program (TSCP) is working to create a common standard. The project is founded by a number of top defense and aerospace contractors and supported by the U.K. Ministry of Defence and the U.S. Department of Defense. TSCP specifications will not only promote more secure collaboration within and across individual public and private sector organizations but will also adhere to cross-border export controls, or financial transactions that occur between entities across geographic regions. 

Automated policy setting for government unified communications

While encryption and security standards will go a long way toward securing public sector unified communications, the other half of the battle involves setting and enforcing policy for classifying and handling data. Often this requires technology to automate the labeling of messages so users and systems alike can handle the information appropriately.

Agencies can leverage existing technology, such as rights management software, to control access to confidential information while keeping data flowing to authorized users. Sugden, whose company supplies automated rights management solutions, says public sector customers are increasingly looking to work in conjunction to integrate rights management and other data protection technology to broaden their defenses and become more proactive in monitoring communications across agencies.

This trend will contribute to pushing  public sector UC technology into the cloud, though governments remain extremely cautious. Sugden predicts that while the public sector is unlikely to go full throttle into the public cloud, governments will find a way to use hybrid and private clouds to bring down costs. On the private sector side, more U.K. businesses are already finding the cloud to be an ideal environment for unified communications. In a recent survey of Western European enterprises, analyst firm Current Analysis found that 17% of U.K. respondents currently using an on-demand environment to support some aspect of their IT needs are using it for UC functions.  That number is expected to double in just two years.

“Executing on proper security policy and labeling will help [governments] get to the cloud much quicker,” Sugden said.

Inside or outside the cloud, a successful public sector unified communications implementation requires much more than a collection of security technologies that help an agency mark off a box on a compliance checklist.  A truly secure public sector unified communications implementation comes down to having the right policies in place, a workforce that is trained on how to apply them and an automated way to execute on these policies.

Read more on Voice networking and VoIP