Embed Size (px)
Citation preview
new ways of working enabled by technology
@keneastwood @nomadbuzz #MWLG14
Ken EastwoodDirector
WelcomeMobile Working in Local Government 2014
Digital Nomads Limited supports the
www.publicsectornomads.com membership community
#MWLG14
Introduction
Change
Work 1.0 Work 2.0
Being able to access data independent of Location,
Platform & Time is changing how we work
Technology
21st Century Office
Culture
Resources
www.publicsectornomads.com
Office Rationalisation and Agile Working in Wiltshire Council
Julie Anderson-HillAndy Spurway
30 January 2014
3 transformational stages of Wiltshire Council’s life
• Becoming Wiltshire Council
• Workplace Transformation
• Campus Programme
Stage 1 Becoming Wiltshire Council
Elections
Council tax
Planning
Environmental health
Highways
Education
Social care
LibrariesWaste
collection
Leisure
Housing
Elections
Council tax
Planning
Environmental health
Waste collection
Leisure
Housing
Elections
Council tax
Planning
Environmental health
Waste collection
Leisure
Housing
Elections
Council tax
Planning
Environmental health
Waste collection
Leisure
Housing
Support services
Wiltshire 1 April 2009
Highways
Education
Social care
Libraries
Elections
Council tax
Planning
Environmental health
Waste collection
Leisure
Housing
• Among the largest UK Councils
• £800m revenue budget
• Serving nearly 500,000 people
• Mainly rural geography
• Aging population
4 Challenges for the new Council
• Establish and develop a Wiltshire Council culture
• Improve services and service efficiency
• Reduce back office property portfolio from 95 to 3
• Enable localised services through agile working
• Deliver better outcomes for customers
LeadershipCulture &Systems
Performance
Leadership – Culture – Performance
15
The Cultural Web of an Organisation
(How we view things/what we believe)
(Heroes, villains & mavericks)
(Organisational status)
(What we celebrate & how we do things) (Where power lies)
(What & how we measure, reward &
punish)
(How we organise ourselves)
TRANSFORMATION PROGRAMME• Resilient communities • Community ‘owned’,
based and operated services
• Choice, control, lives• Corporate programs• Culture and behaviour
change for all staff/mgrs
Campuses• In each Community Area• All different• Defined, designed ‘owned’, and operated by communities (New Operational Model)
Technology• Cloud based• Windows 7-8 / SOE / Work
anywhere (Lync)• In sourced service (-30%)• SAP development• New systems; Revs & Bens, Housing, Planning
Alternative Service DeliveryModels• Services• Campuses• New governance models• Community leadership• RSA, COBs
Commissioning &Procurement• Deliver £36m (4 years)• £9m / year• New processes / methods• New organisation - simplify• Category Mgt / buyers• Commissioning strategies
Systems Thinking• design around
customer• 25+ interventions • 480 staff trained• higher performance• enables budget
savings• hub operations;
support services • in and with
Communities
Budget, MTFS, Benefits• budget decrease £99m/£120m• investment £189m• revenue reduction (28%)• reduce operating costs• eliminate duplication• stop some services
Culture & Behaviour Change• Communications• Transformation/F2F Events• New behaviours and values• Appraisal• Recruitment• OD and L&D
Office Hubs• 3 hubs• Sell / dispose 95 buildings• New flexible ICT• 2:1 desk ratio• Work anywhere• Ops buildings• Depots
TransformationProgramme
County Hall hub
Enabling office rationalisation and agile working with
technology
ICT on day 1 April 2009
Positives
• Familiar services and applications
• Support in place on day 1
• Key 1C4W services available
Issues
•Limited ability to share data
•Unable to operate outside “hub”
•Unable to consolidate processes
•Work is a place you go
What did ICT do to support Wiltshire?
•Service designed around the customer not SLA
•Responsive to change
•27% cost reduction over 4-years
•Enabled improved reliability
• Improved performance
•Reduced time to fix issues
• Improved user confidence and trust in systems
•Full access to all system from anywhere, anytime
•Reduced travel requirement through collaboration services
•Able to work effectively as teams across the County
Full mobile working
Simplified ICT
Application consolidati
on
Insource ICT
Direct Access
Enabling office rationalisation?
Access to systemsSecure application platformsProductive mobile workforceCentralised management of ICT systems
The start of true agile working at Wiltshire Council
So what did that mean to Council?
Home worker kit
Secure printing and scan to send
Integration withcore telephone system
GCSX/PSNcompatible
Partnership working
Real agile working is taking off through use of mobile technologies
Guest printing
GIS apps(iOS/Win8/Android)
My Wiltshire App
Field teams
BYOD
Lync mobile richly featured
Future for agile working
• Further develop our Cloud solutions to underpin agile working
• Develop a more rounded mobile service
• Make better use of our information internally and externally
• Ensure the Council delivers better outcomes for Wiltshire
• Help Wiltshire support the most vulnerable in our communities
Thank youAny questions?
Eric HillEnfield Council
www.enfield.gov.uk
Striving for excellence
Developing a Compliant Strategic Infrastructure
Eric HillInfrastructure Architect,
Enfield Council
www.enfield.gov.uk
Striving for excellence
Context of Enfield
• Top London Borough!
• 275,000 Population
• Savings of £75.6million between 2010/11and 2013/14
• More savings to be made over the next 5 years
• 4,300 staff
• Acommodation – buildings being reduced and sold off
• New Ways of Working in practice since 2009, with 8 desks to 10 staff ratios
•No Council Tax increase for four years•Savings of £75.6million between 2010/11and 2013/14•Record breaking satisfaction levels with the Council and its services
Transforming our Council:Operating principles
The Council has developed a set of operating principles to guide the way we will deliver our services and work in the future. The principles are:
• Do it once• We will only do things that make sense for us to do so (e.g. we won’t take on things
that we are not specialist in)• Automating/self-serving nearly all the transactional activity (where possible)• Consolidating teams and creating smaller, more focussed centres of excellence• Enabling work to be delivered with fewer resources• Empowering customers to help them resolve their own requests and thus managing
demand more effectively• Partnering with other organisations and agencies more effectively to help deliver
better services at a reduced cost• Maximising income
These principles set a clear direction for the Council to become an even more efficient organisation focussed on customers with the ability to be even more flexible over time.
Leaner Programme
Why act now?
Digital is a reality
New Ways of Working
2009 – 2013
Iniially about Desk Ratios 8:10, and people work from home with
Access from Home PC’s or take home laptops.
Remote desktop with Juniper and Citrix
2013 onwards
Office and Outlook 2010
Lync 2010 for unified Comms
Presence, Instant Messaging, conference voice and video calls, sharing
desktops, easier support and collaboration
Now moved to Direct Access with Windows 7
Removed any access from Home PC’s and Citrix
New Ways of Working 2
2014 onwards
• Evolving into Phase 2 – Mobile Working
• And Phase 3 – more accommodation rationalisation and desk ratios 7:10
• 2014
• Wider True Mobile Working in the Field with Electronic recording
• Enterprise Solution – TotalMobile,
• Good platform across IOS, Android and Windows 7/8 Desktop
• Integration with Microsoft Biztalk
IT Infrastructure Supporting the Business Users• IT Partnership with Serco who manage our Systems and Day to day support
• Staff all work with newest Lenovo laptops X230, with good all round laptop for portability,
battery life
• 3,500 Windows 7 Laptops, recently completed the rollout by December 2013
• 2,500 Phone contracts, of which about 750 Smartphones, Windows Phone 7/8 Nokia Lumias
• Microsoft Enterprise Licensing – Desktop, Management and Services
• No Blackberry, iPhones or Android (at the moment)
• No BYOD Policy
• No MDM – Mobile Device Management
• Some mixed bag of mobile working
• 5 Highways engineers with 2007 Panasonic Toughbooks (bricks with 5.6” screens!)
• 4 Health and Safety Officers doing Audits on Samsung GalaxyTab 2 7” Android tablets
• More recently Implemented TotalMobile Pilot for 4 Pest Control Officers (April 2013)
Challenges: BYOD, MDM
Planning for New Member’s in 2014
• Move to electronic papers
• Savings on printing, distribution and Admin
• Benefits to Members
• Modern.Gov - System and iPad App (obviously?)
• But No, Politics - Windows 8 tablets (Remember we have Microsoft Enterprise Licensing)
• Steep learning curve to design the corporate build
• Devices – new to market
• Lenovo Tablet 2 - 10.1” screen, portable, light, 10 hours battery
• Problems, Too Small!
• Search for new larger Screens 11.6” Lenovo Helix
• July 2013 - Rollout to Directors, Build Problems and Hardware failures!!!
• September 2013 - 11 members Pilot postponed!!
• September 2013 - CESG Compliance Guidelines Released
Challenges: 32 bit and 64 bit, packaging, Windows 8.1 coming? SCCM infrastructure changes
Planning for New Member’s in 2014Part 2• October 2013 Microsoft release Windows 8.1
• Designed for enterprise
• Improved features
• New Hardware released
• Start all over again!
• Try new improved Surface Pro 2
• iPad’s back in the frame for consideration
• December 2013 – Restart testing Windows 8.1
• IT User testing completed
• February 2014 – Members Decision for Pilot Devices
• February to May – Complete pilot, Agree on Devices for 65 Members and standard IT
equipment, Decide on MDM and implement
Challenges: New infrastructure to support iPads, lack of Serco expertise, MDM testing
New Haswell chips, and Atom Baytrail, better battery life
Politics: One Member and Director Anti Apple
Office 365?
Mobile Working Programme
• 2013 – Major Blueprint Planning
• Gathering requirements
• Justifying the Business Case
• Prioritising which Services?
• Decisions based on:
• Team Size?
• Small simpler, but less savings
• Larger, complex, greater potential savings
• Savings, Quick wins, readyness for change
• 2014 – The Rollout begins
Challenges: New solutions come into play.
Starting with 450 potential mobile staff
Maximise exisiting capabilities
Maximising Existing capabilities
• More staff are taking laptops into Meetings
• Utilising MS Office Onenote more
• Use Smartphones for Wi-Fi HotSpots
• Saving on 200 Mobile Broadband Dongle contracts
• Get Services and Managers to think out of the box,
• It’s not just the technology, but also the people
• Emerging Opportunities
• Migration to EE, bringing 4g to users
• TransitionStaff through to true mobile working
Newer 8” Windows tablets now being released
Consumer trends in mobile technology are leading the way for enterprise adoption
The Enfield Long and Winding Road
• Good Foundation infrastructure
• Ambitious aims and deadlines
• Changing Needs
• Political power play
• CESG Security Compliance
• Strategic Decisions still to be made
• Fast pace of mobile technology
• MDM Decision – Third party or existing
• Build Agility and Flexibility into the infrastructure and strategy
• Reduce complexity and bespoke solutions
• Watch Consumer Trends
• Balance the right devices and solutions to the user requirements and budgets
Alison BraithwaiteSurrey County Council
2009-10 2014-15
Set salary, STARS Development Programme
Work/life balance, broad skills, people skills, creative business skills
Management through outcomes, trust, coaching, listening, innovation
Virtual teams, social networking, web conferencing, collaboration with partners
Appropriate securityElectronic files, right technology to the job
Flexible working, Outcome focusedCustomer led
Command & control, presenteeism, hierarchical
Resident teams, silo working styleGap between strategy and operations
Office files Paper documents
Team office basedContracted hours
Maslow’s Hierarchy of Needs & Hertzberg’s Motivational & Hygiene Factors
Office Rationalisation
IMT PC/Laptop Upgrade
Culture Change
Smarter Working
Customers
High Performing
Teams
Making a Difference Programme
Staff
Management Teams
Directorate SMTs
Leadership
High performing, skilled, smarter working
Culture: empowering, trusting, coaching, living our values
Leading by example, encouraging innovation, living our values, building resilience
Leading by Example
• Promote “one team”
• Culture change,
• coaching
• Innovation
• High performance
Leadership and High Performance Programme
Tony Acharia Qualys
Tony Acharia CISSPTechnical Account Manager
Protecting Data, Systems & Access:Maintaining CoCo Compliance
Agenda
• Review threat landscape
• Risk Management
• Who needs a VM Program?
• What systems should be covered?
• What’s at most risk?
• What if we do nothing?
• Do Something – an action plan
• Keeping in compliance– PSN, CoCo, PCI, ISO 27001, CIS etc
Threat Landscape• Primary Threat Vectors
– Outsider attack from network– Insider attack from network– Social Engineering– Administrators– Malware
• These attacks will manifest themselves into:-
– A web server compromise will stop us accepting payments
– We may expose customer data– An insider who is upset may leave leaving
destructive software– People leak sensitive information via Social
Engineering– A hacker finds evidence of wrong doing-
blackmails us
49
The Laws of Vulnerabilities• Every system has a flaw – and patches for these
are released every week.
• If you are running a well patched campaign you have reduced the attack surface by over 50%
• Removing admin rights further reduces risk unless it’s a Java or Flash Exploit – on any platform.
• Vulnerability Management is about a program – some organisations take this seriously others don’t.
• It’s as basic as locking your car when you leave it – and yet most attacks on networks involving malware exploit an unpatched host.
• Celebrity Malware – new term for Stuxnet but 2014 we will see an explosion of RansomWare..
Government Cyber Security Policy
Risk Management• Perform an in depth risk management on:-– Review assets – what are they? Windows, Unix/Linux, iOS,
CISCO?– Do we know about every device on the network?– Do we understand all the software installed?– Do we know about every advertised port/web server?– Are we monitoring our internal/external systems frequently?
• We could go on and on but for sanity lets stop here!
• As a system owner I need to know what I have then I can formalise my Risk Management strategy
• These threats are alive everyday, every hour, minute and second – scanning for Malware has to be everyday
• How do you manage Zero Day Threats?
• Don’t run the risk of saying “nah wont happen to me…!”
• Hackers do not take time off and neither do their bots…….52
Who needs a VM program?• We all do is the simple answer but..
• Every piece of software has issues:-– 2014 isn’t that old and yet:-
53
Who needs a VM program?
54
• These are merely Windows issues
System Coverage• Its not just Windows.
– Oracle, DB2, AIX, Unix, Linux, CISCO, Apple, Android etc– IP Telephone, SCADA, VM-Ware and so on.– Then the applications! How many do you have across your
estates?– What about everyday web browsers, plug-ins, extensions etc.– How do you manage Java and Flash across your estates?
• Every OS and application deployed has the potential to be an ingress point into your network
• Once you identify the vulnerabilities, remediate and then rescan
• Once you have cleansed the network we can establish a baseline for compliance
• If there is a flaw – how do you know if it affects your network?
55
What’s at most risk?• A VM program should provide you with:-
– Actionable reporting– Immediate Security Intelligence – Valid vulnerability data– Coverage of all systems – define critical systems– Minimum false positives– Specific reports for specific groups – not telephone
directories of faults– Demonstrate and report positive efforts of operational
teams
• Optional advantages:-– No cost in deploying a PoC– Reduced cost of ownership– Scalability to scan many systems simultaneously
internally and externally
56
What if I do Nothing?
• No longer an option
• ICO, reputational damage? Fines?
57
Do Something• There are many resources that can provide
independent reviews of people, process and technology
• Security policy framework, SANS Top 20 Critical Controls etc, etc..
• Create a clean estate – review gold disk images
58
Integrated Suite of Security & Compliance Solutions
*In Beta
*
59
Unified and Global View of Security and Compliance
Step by Step ProcessAdd IP Ranges
Map Hosts Define Groups
Scan HostsReview Findings
Inspect 0-Day’s
Observe Obscure Ports /
Services
Summarise Key Issues
Prioritise Remediation
Keeping In Compliance
• Get the estate as clean as possible
• Proving compliance is difficult
• Recent regulatory campaigns?
• Length of time to achieve?
• How do you maintain and manage compliance?
• If you can’t you automate the process…
• GRC and Policy Compliance tools
• Centralise Questionnaires to vendors and 3rd parties
61
Automating the Cycle• Qualys have a number of tools to help.
• A simple process:-– Scan a known good host (Compliant PSN
Server/Workstation)– RAMA– Setup polices from this “Gold Disk Image” or RMADS-
Policies– Top and tail the control list– Save the policy as “PSN benchmark”– Scan the rest of the network– Report by business group/asset group or other common
denominator– Produce compliance report – compare hosts
• Scan and report is completely automated – weekly monthly, quarterly or annually..
62
Automating the cycleA Unified and Continuous View of Compliance
IT-GRC Automation– Automates the collection of security and
compliance data with customizable policies, questionnaires
– Provides workflows helping organizations to automate and expedite compliance
Benefits– Automated Agent & Agent-less compliance
auditing supporting multiple regulatory mandates.
– Customizable questionnaires and business workflows to evaluate controls, gather evidence & validate compliance.
– Seamless integration with enterprise GRC solutions.
63
Thank [email protected]
Jackie Whitney & Stephanie Maxwell
Wokingham
Wokingham Borough Council
Our Smart Working Journey
Stephanie MaxwellProject Manager
Jackie WhitneyOrganisational Development Specialist
Wokingham Borough Council
Why Smart Working?......• This Project evolved from our Council-wide Transformation Programme
back in 2008, and initially was a Property driven project• Wokingham wanted to become a modern, flexible workplace• Wokingham is the lowest funded unitary authority in the country • Government cuts have required us to further reduce our spending• Rather than large scale job cuts we wanted to find new ways of delivering
services more efficiently • In addition, new flexible working styles would enable us to:
– rationalise accommodation – give staff a greater work/life balance – reduce congestion – deliver better services – provide value for money
Wokingham Borough Council
What we have achieved:
• Pounds:– Disposal of assets, resulting in £500,000 capital receipt– Revenue savings of almost £600,000 a year through
disposal, ending leases and income generation– Competitive hourly rates for new business
(Accommodation charge reduced by almost 50%)
Wokingham Borough Council
What we have achieved:
• People– 82% of our people say they are more productive at home– Staff sickness reduced from an average of 8 days annually
to 3 or 4 by staff working from home in a more comfortable environment and not spreading viruses around the office
– 20% of our Customer Contact Centre employees work from home
– Reduction in car travel, 9% over 3 years– Greater service resilience. Our Customer Contact Centre
dealt with calls at home, in their slippers, during the heavy snowfalls last year
Wokingham Borough Council
What we have achieved:
• Property– 8400m2 reduction in office space – Reduced storage by 41%
• Technology– 1200 people had laptops refreshed and Windows 7 Office
2010 installed– Technology Futures Programme: Improvements in
technology continue to enable us to connect, collaborate and share
– Taking services to the community through mobile technology, providing a quicker, user-friendly service
Wokingham Borough Council
What we have achieved:
• Project– Robust governance that is accepted Council-
wide as a way to Project Manage – The Project governance received an ‘outstanding’
assurance from Internal Audit, the first outstanding ever issued at WBC
Wokingham Borough Council
Knowledge Management
• Any time any where
• File sharing
• Data management
• Technology
New Ways of
Working
Office environment & workplace
• Home
• Office
• While commuting
• Decreased accommodation costs
• Increase of interaction & communication at the office
• Flexible shared work places
Processes• Interaction / mutual knowledge
• Co-operating
• Project work
• Results driven
• Process improvement / flexibility/productivity
Social and cultural• Responsible and adaptable
• Results driven management
• Resilient
• Using technology to knowledge share
Wokingham Borough Council
How we did it:•Right people •Clear aims and objectives•Robust governance
Project Team
•Simplified policy – Smart or Fixed worker•Face to face engagement and support, as a project team•Regular targeted communications and change planPeople•Early engagement with our technology colleagues•Identified solutions to meet initial requirements•Deployed ‘kit’ aligned to roll out plan
Technology
Property • Identify where rationalisation could occur• Identified solutions to meet team requirements• Worked with teams to implement moves
Wokingham Borough Council
How we did it:•Right people •Clear aims and objectives•Robust governance
Project Team
•Simplified policy – Smart or Fixed worker•Face to face engagement and support, as a project team•Regular targeted communicationsPeople•Early engagement with our technology colleagues•Identified solutions to meet initial requirements•Deployed ‘kit’ aligned to roll out plan
Technology
Accommodation
• Identify where rationalisation could occur• Identified solutions to meet team requirements• Worked with teams to implement moves
Culture Change Programme
Wokingham Borough Council
• Make it mandatory
• Change terms and conditions
• Wait for perfect IT solutions
•Enforce ‘protocols’
•Pay for broadband for everyone
•Allow exceptions – unless authorised
•Use external support
•Do it to people!
What we didn’t do:
Wokingham Borough Council
• Make it mandatory
• Change terms and conditions
• Wait for perfect IT solutions
•Enforce ‘protocols’
•Pay for broadband for everyone
•Allow exceptions – unless authorised
•Use external support
•Do it to people!
What we didn’t do:
There are 3 high level principles for Smart
Working at WBC as agreed by our Corporate
Leadership Team:
1) 2:1 Desk Ratio (2FTE:1 Desk)
2) Only Directors would have their ‘own’
offices
3) Storage would be reduced by 50%
Wokingham Borough Council
Key things to get right:
Wokingham Borough Council
What would we have done differently?
• Policy in place to support• More engagement with elected members
Wokingham Borough Council
What next for Smart Working at WBC?........
• Asset Review• Dials• Development of system for monitoring • Coaching• Lean• Improved Customer Experience• Technology Futures Programme
Wokingham Borough Council
