340 likes | 770 Views
Creating an accreditable secure remote working solution - 10 Step Guide for Local Authorities - . David Taylor Security Engineer, Becrypt. © 2010
E N D
Creating an accreditable secure remote working solution - 10 Step Guide for Local Authorities - David Taylor Security Engineer, Becrypt © 2010 This document contains information which is confidential to Becrypt. This document shall only be used in connection with the Becrypt work for which it is provided. Neither the whole nor any part of this document shall be disclosed to any party without Becrypt‘s prior written consent.
Creating a remote working solution for your staff • Laptops for everyone? • Costs issues • Security vs Mobility • Issues with staff using home or personal equipment
You need to consider – Technical Issues • Costs and value for money • Security, network and data • Usability, use of unmanaged/ personal equipment • Speed of implementation
You need to consider – User Issues • Cultural, security needs to part of the culture • Training and usability • System testing
Customer Case Study – The Devon Partnership Project Objective A working, affordable, CESG accredited, Code of Connection compliant solution for mobile working over GCSX that does not rely on the use of local authority provided IT kit. Rationale Allow homeworkers able to use their own PC. Reduce costs by allowing staff to use their own PC from home for ad hoc use. Support green travel initiatives, property rationalisation, staff productivity Improved security of information – less risk that laptops go missing Increased use of GCSX secure email by peripatetic staff, particularly those working in social care with Health partners.
Local Authority Dynamics • Time of Austerity • 27% cost savings over 4 years – 6/10 desk ratio • Compliance with GCSx CoCo 4.1 • Compliance with Data Protection Act 1998 • Compliance with GPG 10 v2.1 on remote working • Moving to Public Sector Network (PSN) IA standards in 2012 • Merging of authorities – shared sites, separate networks
The GSI Code of Connection for GCSX • The GSI Code of Connection for GCSX details that for mobile/home working any mobile/remote and or home working solution must meet the HMG IA policy and Guidance (eg. CESG GPG no 10). • It specifies that data at rest on a remote device, or in transit is encrypted, using a FIPS 140-2 with CCTM approved product. • GCSX is an IL2 network as confirmed by the Code of Connection v4.1 and CESG
CESG guidance on Remote Working: • GPG10 and GPG10A states that a Remote Working Solution needs to ensure that: • any use of portable electronic devices will be authorised, managed and configured and operated in accordance with CESG guidance. • all remote connections must be from authorised official and/or managed services and records of activity are maintained (e.g. on Home PCs). • personal firewalls must be installed and enabled and two factor authentication must be used for remote access from remote working devices. • CESG Information Assurance Note (CIAN 02/10) document : • “recognise the cost savings a bootable media based remote working solution may bring, necessitating CESG to clarify when this is appropriate and what other alternatives can be considered”
CESG GPG September 2010, Issue 2.1 • The revised guidance on bootable media and it states that: • A bootable media based solution using thin client technology for remote access is intended for normal and regular business at IL2 or below from personal IT equipment as part of an accredited solution (following the guidance in GPG10). • Provided that [bootable media] do not allow off-line functionality or permit data to be resident on the bootable media itself • It should only be a thin-client remote access solution
Use of Home equipment… • “IT IS EXTREMELY DIFFICULT TO EXERCISE ADEQUATE TECHNICAL AND PROCEDURAL CONTROLS OVER UNACCREDITED IT EQUIPMENT. YOU MUST NOT USE UNACCREDITED IT EQUIPMENT TO PROCESS ANY PROTECTIVELY MARKED GOVERNMENT DATA. EXCEPTIONALLY, PERSONAL IT EQUIPMENT IN CONJUNCTION WITH A BOOTABLE MEDIA SOLUTION USING THIN CLIENT TECHNOLOGY FOR REMOTE ACCESS, FOLLOWING THE GUIDANCE IN CHAPTER 6 AND ONLY WHERE THE IMPACT LEVEL IS ASSESSED AS 2 OR BELOW, IS PERMISSIBLE AS PART OF AN ACCREDITED SOLUTION FOR REMOTE WORKING”.(CESG’s Good Practice Guide to Remote Working 10 version 2.1 Chapter 5, Paragraph 117)
Use of a bootable solution • “ISSUE 2.0 OF THIS GPG STATED THAT A BOOTABLE MEDIA BASED SOLUTION WAS SUITABLE FOR OCCASIONAL USAGE OR SHORT-TERM CRISIS RESPONSE UP TO IL2. CESG HAVE REVISED THIS GUIDANCE TO SUPPORT BOOTABLE MEDIA SOLUTIONS FOR NORMAL AND REGULAR WORKING UP TO IL2 PROVIDED THAT THEY DO NOT ALLOW OFF-LINE FUNCTIONALITY OR PERMIT DATA TO BE RESIDENT ON THE BOOTABLE MEDIA ITSELF; IT SHOULD ONLY BE A THIN-CLIENT REMOTE ACCESS SOLUTION.”.(CESG’s Good Practice Guide to Remote Working 10 version 2.1 Chapter 6, Paragraph 172)
Trusted Client • Low cost, secure remote working solution using, ‘thin terminal’ Linux operating system • Government certified (IL2) • Hardened environment (port control, application control) • Integrated with VMware View and Citrix • 3 variants : Bootable, Portable and Streamed editions
Trusted Client – delivery mechanism • Bootable Edition • Transforms unmanaged PCs into low-cost secure remote access points • Certified for Government secure remote working (IL2) • Portable Edition • Cost-effective secure thin client remote access for managed devices • Convert standard netbooks, laptops and desktops into low cost mobile computing devices • Certified for Government secure remote working (IL3) (Chapter 5 GPG10 2.1) • Streamed Edition • Re-purpose existing Desktop estate • Provide low cost, efficient Thin Client access to back end services inside the Enterprise.
10 Step Guide for Creating an Accredited Remote Working Solutionfollowing the guidance in GPG 10
Why do you need an Accredited Remote Working Solution? • Home computer systems and portable computers connecting from remote locations • The challenge of maintaining network security and data integrity • Enabling multiple methods of accessing files – including email, remote access and intranet • Conforming to CESG guidelines
Step One – Carrying out the initial research • Ensure that there is backing for compliance at the highest board or director level. • Identify funding streams that are available to finance additional IT products and infrastructure changes that may be required. • Detailed research is required to identify the data owners within your organisation, as well as the data users and access required. (use policy)
Step Two – Preparing your project plan • Prepare a clear project plan with clear requirements, objectives and deliverables • Outline timescales (start and end date) and resources required (including the staff and skills) • Set clear milestones and checkpoints to track the progress of the project
Step Three – Determining the data protection levels • Identify at what level the data needs to be protected. • Review all data that is in the public domain, and then to the next level of data protection, impact levels IL 1 and 2 (which may contain personal data, names and addresses, date of birth). • IL3 data access requires TC Portable for remote working.
Step Four – The Technical Architecture • Prepare your technical architecture and framework with clear diagrams. A good architecture will clearly illustrate how the data will flow from one point to the next. • The flow diagram will need to conform to Her Majesty’s Government (HMG) and International standards (ISO27001) and those outlined in the CESG Good Practice Guide
LA External Firewall (EAL4) The Technical Architecture Diagram
Step Five – Setting up your proof of concept • A timeframe of about 3 weeks is recommended • Followed with an IT health check (pentest) • Such testing should be an ongoing process, not just part of the initial pilot but part of CoCo
Step Six – Documenting your project • Document the project including physical, procedural elements, personnel and technical information is an important part of the compliance • Security controls must be in place for data handling and backup and storage processes • As well as user guides and training for the remote security tools that are in use
Step Seven – Seeking guidance • Seek guidance if you are unsure about any aspects of compliance (CESG) • Have the compliance documentation quality checked before submission • Cover this aspect early on as possible
Step Eight – Include a regular maintenance plan • Regular maintenance should be built into your plan after your system goes live • Audits should ensure that the system is running well • Should also consider a disposal policy
Step Nine – Include a business continuity plan • Backup plan in the event of a failure • Put in place a robust recovery plan
Step Ten – Apply for Accreditation • With a fully detailed, accurate project plan you can apply for Accreditation for Secure Remote Working
Customer Case Study – The Devon Partnership • Project Objective • A working, affordable, CESG accredited, Code of Connection compliant solution for mobile working over GCSX that does not rely on the use of local authority provided IT kit. • Rationale • Allow homeworkers able to use their own PC. • Reduce costs by allowing staff to use their own PC from home for ad hoc use. • Support green travel initiatives, property rationalisation, staff productivity • Improved security of information – less risk that laptops go missing • Increased use of GCSX secure email by peripatetic staff, particularly those working in social care with Health partners.
Challenges faced • Clarifying the IL2/IL3 nature of the GCSX network for local authorities • Obtaining guidance on what solutions had any chance of being approved • Finding out who ‘approves’ a solution • Getting consistent advice • And finally – making it work!
The Solution • Approved for an IL2 network (GCSX) • Data owners need to be aware of, and accept, risks to IL3 information • This is the only way of meeting the project objective which currently has verbal approval from CESG and AWG (GSi Notice has been submitted to CESG by Government Connect for review) • Project will publish a toolkit on the Community of Practice website www.communities.idea.gov.uk • IS1 risk assessment • Generic design • IT Health Check specification • Case Study • Four components using accredited products : • Becrypt Trusted Client • Two factor authentication • Client side SSL Certification • Thin client solution (Citrix Netscaler or full VPN)
Thank You • Questions?