Creating an accreditable secure remote working solution

- 10 Step Guide for Local Authorities -

© 2010 This document contains information which is confidential to Becrypt. This document shall only be used in connection with the Becrypt work for which it is provided. Neither the whole nor any part of this document shall be disclosed to any party without Becrypt's prior written consent.

David Taylor, Security Engineer, Becrypt

Creating a remote working solution for your staff

Laptops for everyone?

Cost issues

Security vs Mobility

Issues with staff using home or personal equipment

You need to consider – Technical Issues

Costs and value for money

Security, network and data

Usability, use of unmanaged/ personal equipment

Speed of implementation

You need to consider – User Issues

Cultural: security needs to be part of the culture

Training and usability

System testing

Customer Case Study – The Devon Partnership

Project Objective

– A working, affordable, CESG accredited, Code of Connection compliant solution for mobile working over GCSX that does not rely on the use of local authority provided IT kit.

Rationale

– Allow homeworkers to use their own PC.

– Reduce costs by allowing staff to use their own PC from home for ad hoc use.

– Support green travel initiatives, property rationalisation, staff productivity

– Improved security of information – less risk that laptops go missing

– Increased use of GCSX secure email by peripatetic staff, particularly those working in social care with Health partners.

Local Authority Dynamics

Time of Austerity

27% cost savings over 4 years – 6/10 desk ratio

Compliance with GCSx CoCo 4.1

Compliance with Data Protection Act 1998

Compliance with GPG 10 v2.1 on remote working

Moving to Public Sector Network (PSN) IA standards in 2012

Merging of authorities – shared sites, separate networks

Understanding the CESG guidance on Remote Working

The GSI Code of Connection for GCSX

The GSI Code of Connection for GCSX states that any mobile, remote and/or home working solution must meet the HMG IA policy and guidance (e.g. CESG GPG no 10).

It specifies that data at rest on a remote device, or in transit, is encrypted using a FIPS 140-2 with CCTM approved product.

GCSX is an IL2 network as confirmed by the Code of Connection v4.1 and CESG

CESG guidance on Remote Working:

GPG10 and GPG10A state that a Remote Working Solution needs to ensure that:

– any use of portable electronic devices will be authorised, managed and configured and operated in accordance with CESG guidance.

– all remote connections must be from authorised official and/or managed services and records of activity are maintained (e.g. on Home PCs).

– personal firewalls must be installed and enabled and two factor authentication must be used for remote access from remote working devices.

CESG Information Assurance Note (CIAN 02/10) document:

– “recognise the cost savings a bootable media based remote working solution may bring, necessitating CESG to clarify when this is appropriate and what other alternatives can be considered”

CESG GPG September 2010, Issue 2.1

The revised guidance on bootable media states that:

– A bootable media based solution using thin client technology for remote access is intended for normal and regular business at IL2 or below from personal IT equipment as part of an accredited solution (following the guidance in GPG10).

– Provided that [bootable media] do not allow off-line functionality or permit data to be resident on the bootable media itself

– It should only be a thin-client remote access solution

Use of Home equipment…

“IT IS EXTREMELY DIFFICULT TO EXERCISE ADEQUATE TECHNICAL AND PROCEDURAL CONTROLS OVER UNACCREDITED IT EQUIPMENT. YOU MUST NOT USE UNACCREDITED IT EQUIPMENT TO PROCESS ANY PROTECTIVELY MARKED GOVERNMENT DATA. EXCEPTIONALLY, PERSONAL IT EQUIPMENT IN CONJUNCTION WITH A BOOTABLE MEDIA SOLUTION USING THIN CLIENT TECHNOLOGY FOR REMOTE ACCESS, FOLLOWING THE GUIDANCE IN CHAPTER 6 AND ONLY WHERE THE IMPACT LEVEL IS ASSESSED AS 2 OR BELOW, IS PERMISSIBLE AS PART OF AN ACCREDITED SOLUTION FOR REMOTE WORKING.” (CESG’s Good Practice Guide to Remote Working 10 version 2.1 Chapter 5, Paragraph 117)

Use of a bootable solution

“ISSUE 2.0 OF THIS GPG STATED THAT A BOOTABLE MEDIA BASED SOLUTION WAS SUITABLE FOR OCCASIONAL USAGE OR SHORT-TERM CRISIS RESPONSE UP TO IL2. CESG HAVE REVISED THIS GUIDANCE TO SUPPORT BOOTABLE MEDIA SOLUTIONS FOR NORMAL AND REGULAR WORKING UP TO IL2 PROVIDED THAT THEY DO NOT ALLOW OFF-LINE FUNCTIONALITY OR PERMIT DATA TO BE RESIDENT ON THE BOOTABLE MEDIA ITSELF; IT SHOULD ONLY BE A THIN-CLIENT REMOTE ACCESS SOLUTION.” (CESG’s Good Practice Guide to Remote Working 10 version 2.1 Chapter 6, Paragraph 172)

Trusted Client – Product Overview

Trusted Client

Low cost, secure remote working solution using a ‘thin terminal’ Linux operating system

Government certified (IL2)

Hardened environment (port control, application control)

Integrated with VMware View and Citrix

3 variants : Bootable, Portable and Streamed editions

Trusted Client – delivery mechanism

Bootable Edition

– Transforms unmanaged PCs into low-cost secure remote access points

– Certified for Government secure remote working (IL2)

Portable Edition

– Cost-effective secure thin client remote access for managed devices

– Convert standard netbooks, laptops and desktops into low cost mobile computing devices

– Certified for Government secure remote working (IL3) (Chapter 5 GPG10 2.1)

Streamed Edition

– Re-purpose existing Desktop estate

– Provide low cost, efficient Thin Client access to back end services inside the Enterprise.

10 Step Guide for Creating an Accredited Remote Working Solution

following the guidance in GPG 10

Why do you need an Accredited Remote Working Solution?

Home computer systems and portable computers connecting from remote locations

The challenge of maintaining network security and data integrity

Enabling multiple methods of accessing files – including email, remote access and intranet

Conforming to CESG guidelines

Step One – Carrying out the initial research

Ensure that there is backing for compliance at the highest board or director level.

Identify funding streams that are available to finance additional IT products and infrastructure changes that may be required.

Detailed research is required to identify the data owners within your organisation, as well as the data users and access required. (use policy)

Step Two – Preparing your project plan

Prepare a clear project plan with clear requirements, objectives and deliverables

Outline timescales (start and end date) and resources required (including the staff and skills)

Set clear milestones and checkpoints to track the progress of the project

Step Three – Determining the data protection levels

Identify at what level the data needs to be protected.

Review all data that is in the public domain, and then move to the next level of data protection, impact levels IL 1 and 2 (which may contain personal data, names and addresses, date of birth).

IL3 data access requires TC Portable for remote working.

Step Four – The Technical Architecture

Prepare your technical architecture and framework with clear diagrams. A good architecture will clearly illustrate how the data will flow from one point to the next.

The flow diagram will need to conform to Her Majesty’s Government (HMG) and International standards (ISO27001) and those outlined in the CESG Good Practice Guide

The Technical Architecture Diagram

LA External Firewall (EAL4)

Step Five – Setting up your proof of concept

A timeframe of about 3 weeks is recommended

Followed with an IT health check (pentest)

Such testing should be an ongoing process, not just part of the initial pilot but part of CoCo

Step Six – Documenting your project

Documenting the project, including physical and procedural elements, personnel and technical information, is an important part of compliance

Security controls must be in place for data handling and backup and storage processes

As well as user guides and training for the remote security tools that are in use

Step Seven – Seeking guidance

Seek guidance if you are unsure about any aspects of compliance (CESG)

Have the compliance documentation quality checked before submission

Cover this aspect as early on as possible

Step Eight – Include a regular maintenance plan

Regular maintenance should be built into your plan after your system goes live

Audits should ensure that the system is running well

Should also consider a disposal policy

Step Nine – Include a business continuity plan

Backup plan in the event of a failure

Put in place a robust recovery plan

Step Ten – Apply for Accreditation

With a fully detailed, accurate project plan you can apply for Accreditation for Secure Remote Working

Customer Case Study – The Devon Partnership

Challenges faced

Clarifying the IL2/IL3 nature of the GCSX network for local authorities

Obtaining guidance on what solutions had any chance of being approved

Finding out who ‘approves’ a solution

Getting consistent advice

And finally – making it work!

The Solution

Approved for an IL2 network (GCSX)

Data owners need to be aware of, and accept, risks to IL3 information

This is the only way of meeting the project objective which currently has verbal approval from CESG and AWG (GSi Notice has been submitted to CESG by Government Connect for review)

Project will publish a toolkit on the Community of Practice website www.communities.idea.gov.uk

– IS1 risk assessment

– Generic design

– IT Health Check specification

– Case Study

Four components using accredited products:

– Becrypt Trusted Client

– Two factor authentication

– Client side SSL Certification

– Thin client solution (Citrix Netscaler or full VPN)

Thank You

Questions?

Technical Demonstration of Trusted Client