Creating an accreditable secure remote working solution
- 10 Step Guide for Local Authorities -
© 2010 This document contains information which is confidential to Becrypt. This document shall only be used in connection with the Becrypt work for which it is provided.
Neither the whole nor any part of this document shall be disclosed to any party without Becrypt's prior written consent.
David Taylor
Security Engineer, Becrypt
Creating a remote working solution for your staff
Laptops for everyone?
Costs issues
Security vs Mobility
Issues with staff using home or personal equipment
You need to consider – Technical Issues
Costs and value for money
Security, network and data
Usability, use of unmanaged/personal equipment
Speed of implementation
You need to consider – User Issues
Cultural: security needs to be part of the culture
Training and usability
System testing
Customer Case Study – The Devon Partnership
Project Objective
– A working, affordable, CESG accredited, Code of Connection compliant solution for mobile working over GCSX that does not rely on the use of local authority provided IT kit.
Rationale
– Allow homeworkers to use their own PC.
– Reduce costs by allowing staff to use their own PC from home for ad hoc use.
– Support green travel initiatives, property rationalisation, staff productivity
– Improved security of information – less risk that laptops go missing
– Increased use of GCSX secure email by peripatetic staff, particularly those working in social care with Health partners.
Local Authority Dynamics
Time of Austerity
27% cost savings over 4 years – 6/10 desk ratio
Compliance with GCSx CoCo 4.1
Compliance with Data Protection Act 1998
Compliance with GPG 10 v2.1 on remote working
Moving to Public Sector Network (PSN) IA standards in 2012
Merging of authorities – shared sites, separate networks
The GSI Code of Connection for GCSX
The GSI Code of Connection for GCSX states that any mobile, remote and/or home working solution must meet HMG IA policy and guidance (e.g. CESG GPG No. 10).
It specifies that data at rest on a remote device, or in transit, is encrypted using a FIPS 140-2 with CCTM approved product.
GCSX is an IL2 network as confirmed by the Code of Connection v4.1 and CESG
CESG guidance on Remote Working:
GPG10 and GPG10A state that a Remote Working Solution needs to ensure that:
– any use of portable electronic devices will be authorised, managed and configured and operated in accordance with CESG guidance.
– all remote connections must be from authorised official and/or managed services and records of activity are maintained (e.g. on Home PCs).
– personal firewalls must be installed and enabled and two factor authentication must be used for remote access from remote working devices.
CESG Information Assurance Note (CIAN 02/10) document:
– “recognise the cost savings a bootable media based remote working solution may bring, necessitating CESG to clarify when this is appropriate and what other alternatives can be considered”
CESG GPG September 2010, Issue 2.1
The revised guidance on bootable media states that:
– A bootable media based solution using thin client technology for remote access is intended for normal and regular business at IL2 or below from personal IT equipment as part of an accredited solution (following the guidance in GPG10).
– Provided that [bootable media] do not allow off-line functionality or permit data to be resident on the bootable media itself
– It should only be a thin-client remote access solution
Use of Home equipment…
“IT IS EXTREMELY DIFFICULT TO EXERCISE ADEQUATE TECHNICAL AND PROCEDURAL CONTROLS OVER UNACCREDITED IT EQUIPMENT. YOU MUST NOT USE UNACCREDITED IT EQUIPMENT TO PROCESS ANY PROTECTIVELY MARKED GOVERNMENT DATA. EXCEPTIONALLY, PERSONAL IT EQUIPMENT IN CONJUNCTION WITH A BOOTABLE MEDIA SOLUTION USING THIN CLIENT TECHNOLOGY FOR REMOTE ACCESS, FOLLOWING THE GUIDANCE IN CHAPTER 6 AND ONLY WHERE THE IMPACT LEVEL IS ASSESSED AS 2 OR BELOW, IS PERMISSIBLE AS PART OF AN ACCREDITED SOLUTION FOR REMOTE WORKING”. (CESG’s Good Practice Guide to Remote Working 10 version 2.1 Chapter 5, Paragraph 117)
Use of a bootable solution
“ISSUE 2.0 OF THIS GPG STATED THAT A BOOTABLE MEDIA BASED SOLUTION WAS SUITABLE FOR OCCASIONAL USAGE OR SHORT-TERM CRISIS RESPONSE UP TO IL2. CESG HAVE REVISED THIS GUIDANCE TO SUPPORT BOOTABLE MEDIA SOLUTIONS FOR NORMAL AND REGULAR WORKING UP TO IL2 PROVIDED THAT THEY DO NOT ALLOW OFF-LINE FUNCTIONALITY OR PERMIT DATA TO BE RESIDENT ON THE BOOTABLE MEDIA ITSELF; IT SHOULD ONLY BE A THIN-CLIENT REMOTE ACCESS SOLUTION.” (CESG’s Good Practice Guide to Remote Working 10 version 2.1 Chapter 6, Paragraph 172)
Trusted Client
Low cost, secure remote working solution using a ‘thin terminal’ Linux operating system
Government certified (IL2)
Hardened environment (port control, application control)
Integrated with VMware View and Citrix
3 variants: Bootable, Portable and Streamed editions
Trusted Client – delivery mechanism
Bootable Edition
– Transforms unmanaged PCs into low-cost secure remote access points
– Certified for Government secure remote working (IL2)
Portable Edition
– Cost-effective secure thin client remote access for managed devices
– Convert standard netbooks, laptops and desktops into low cost mobile computing devices
– Certified for Government secure remote working (IL3) (Chapter 5 GPG10 2.1)
Streamed Edition
– Re-purpose existing Desktop estate
– Provide low cost, efficient Thin Client access to back end services inside the Enterprise.
Why do you need an Accredited Remote Working Solution?
Home computer systems and portable computers connecting from remote locations
The challenge of maintaining network security and data integrity
Enabling multiple methods of accessing files – including email, remote access and intranet
Conforming to CESG guidelines
Step One – Carrying out the initial research
Ensure that there is backing for compliance at the highest board or director level.
Identify funding streams that are available to finance additional IT products and infrastructure changes that may be required.
Detailed research is required to identify the data owners within your organisation, as well as the data users and access required. (use policy)
Step Two – Preparing your project plan
Prepare a clear project plan with clear requirements, objectives and deliverables
Outline timescales (start and end date) and resources required (including the staff and skills)
Set clear milestones and checkpoints to track the progress of the project
Step Three – Determining the data protection levels
Identify at what level the data needs to be protected.
Review all data that is in the public domain, and then move on to the next level of data protection, impact levels IL1 and 2 (which may contain personal data, names and addresses, date of birth).
IL3 data access requires TC Portable for remote working.
Step Four – The Technical Architecture
Prepare your technical architecture and framework with clear diagrams. A good architecture will clearly illustrate how the data will flow from one point to the next.
The flow diagram will need to conform to Her Majesty’s Government (HMG) and International standards (ISO27001) and those outlined in the CESG Good Practice Guide
Step Five – Setting up your proof of concept
A timeframe of about 3 weeks is recommended
Followed with an IT health check (pentest)
Such testing should be an ongoing process, not just part of the initial pilot but part of CoCo
Step Six – Documenting your project
Documenting the project, including physical and procedural elements, personnel and technical information, is an important part of compliance
Security controls must be in place for data handling and backup and storage processes
As well as user guides and training for the remote security tools that are in use
Step Seven – Seeking guidance
Seek guidance if you are unsure about any aspects of compliance (CESG)
Have the compliance documentation quality checked before submission
Cover this aspect as early as possible
Step Eight – Include a regular maintenance plan
Regular maintenance should be built into your plan after your system goes live
Audits should ensure that the system is running well
You should also consider a disposal policy
Step Nine – Include a business continuity plan
Backup plan in the event of a failure
Put in place a robust recovery plan
Step Ten – Apply for Accreditation
With a fully detailed, accurate project plan you can apply for Accreditation for Secure Remote Working
Customer Case Study – The Devon Partnership
Challenges faced
Clarifying the IL2/IL3 nature of the GCSX network for local authorities
Obtaining guidance on what solutions had any chance of being approved
Finding out who ‘approves’ a solution
Getting consistent advice
And finally – making it work!
The Solution
Approved for an IL2 network (GCSX)
Data owners need to be aware of, and accept, risks to IL3 information
This is the only way of meeting the project objective which currently has verbal approval from CESG and AWG (GSi Notice has been submitted to CESG by Government Connect for review)
Project will publish a toolkit on the Community of Practice website www.communities.idea.gov.uk
– IS1 risk assessment
– Generic design
– IT Health Check specification
– Case Study
Four components using accredited products:
– Becrypt Trusted Client
– Two factor authentication
– Client side SSL Certification
– Thin client solution (Citrix Netscaler or full VPN)