IT security
IT security

IT security is a top priority at the Olympics

Yan Noblot reassures Mark Samuels that his Olympic Games IT security strategy is sound.

Written by Mark Samuels

Computing, 18 Jun 2004

Managing IT security for this summer's Olympic Games, an event that will draw some 200,000 visitors to various venues in Athens, is no easy task.

The person in charge must be prepared for any eventuality and must ensure that the team, which will include 3,400 permanent staff and volunteers, is safe and secure.

The former head of IT security for this summer's Olympic Games has already raised concerns about depending on volunteers to operate the event's technology.

Dayle Wheeler told Computing that, even with formal police and government background checks, it is impossible to be certain about the status of the Games' 3,000 volunteer workers.

But Yan Noblot, Wheeler's replacement at Atos Origin, the company managing the Games' technology, believes the operation is very much on track.

Noblot officially took over in January but started working with Wheeler in November last year while the two men worked through a transition period.

"Things are going well. We are very happy with where we are today. It's all going to plan. There are no major delays and we'll be on time," he said.

"It's not one of those projects that you can delay. We can't go back to the customer and say everything will be ready in an extra two weeks. There is no option."

With worries of a delayed 100 metres qualifying session dismissed, Noblot turns to the work undertaken since late 2003. He addresses concerns over the Games' dependence on volunteers.

"We have controls in place. Nobody can touch a piece of equipment without accreditation," he said. "There is a lot of strength in the fact that we give the least amount of privilege possible to each individual."

So has Noblot changed anything because of fears about volunteers? "No, I haven't changed anything. The plan that was in place before, under Dayle Wheeler, was very, very strong," he claimed.

Noblot believes that the plan, which relies on a combination of processes, accreditation systems and monitoring technologies, will keep potential errant employees at bay.

"We have made a lot of progress with regards to the plan implementation," he explained. "At the time Wheeler was here, they had started the implementation, and right now we're finishing things off."

Those finishing touches include minor tunings to antivirus and monitoring software. "Wheeler's plan was very healthy. We haven't changed the vision, we've just had to adapt to the environment," said Noblot.

What's more, he claimed that it's not too late to tune the Games' IT security policy. He early date for the initiation of testing, August 2003, made modifications easier.

"All the tunings have been done and tested, so everything will be fine. We have very stringent change management processes and everybody evaluates the impact on the operations," said Noblot.

"Compared with the number of things that have to be done to secure an event, such as the Olympics, these are minor."

Major elements of the security set-up remain unchanged, such as the policy for data segregation. The network has been segregated into different Olympic systems, such as for broadcasting.

Through this type of segregation, Atos Origin can enforce control inside the network and restrict access at system boundaries to prevent people having contact with data in other parts of the Games' network.

"Then, in the very unlikely case that we have problems, these issues will be contained inside a single part of the network and will not spread across the various systems," explained Noblot.

Containment is the key to Atos Origin's IT security systems, and the technology provider has implemented an accreditation badge system to help ensure workers and visitors are kept to specific areas of the Olympics site.

Other high-tech systems, such as biometrics, smartcards and RFID technology, which offer more complex forms of security, have not been included.

But Noblot believes that security fears over the accreditation badge should not be overemphasised. "The accreditation is not just a dumb badge. It's printed on monetary paper and you have a hologram in the plastic that is used for the accreditation. It's very difficult to fake," he said.

"What's more, it's easy to check: you see an accreditation and compare the picture. Whatever we use has to work 100 per cent. It has to be usable. We cannot go through failure because the reader is not working."

Smartcards were ruled out because of the cost of deployment. "Smartcards are very powerful for companies because you can tie logical security to physical security. You can use a card to get access to an area and then log on to your computer," explained Noblot.

"But for an event such as the Olympic Games, it's not really the case. You'll deploy 200,000 smartcards and only 3,000 will use a computer."

So why not implement a double-edged security infrastructure, using accreditation badges for site attendees and smartcard technology for IT workers? Surely piece of mind with regards to internal hacking makes the pain of integration worthwhile.

Noblot is far from convinced. "It's stupid for the physical security requirements we have," he said. "We'd then have two different authentication schemes. This would increase complexity and overkill the solution for the problem."

Let's just hope the implemented IT systems at the first Olympic Games since 11 September stay tight and secure. In two months' time, the whole world will be watching.

Monitoring application tuning increases visibility
Since taking over as head of IT security for the Olympic Games, Noblot has made some "minor tuning" to existing antivirus and monitoring software.

He realised that this tuning had to be undertaken during the implementation of outgoing security manager Wheeler's strategy. "We realised that some of our antivirus policies were conflicting with some of the real-time applications used by one of our partners," said Noblot.

"So we had to re-think the antivirus architecture so that we could push different types of policies to different types of services."

New virus software from Symantec has been implemented, as well as monitoring applications from Computer Associates. "With regard to monitoring, we found some better ways to monitor what was taking place on workstations," explained Noblot.

"It was not in the initial plan, but we can integrate that because it will provide more visibility in our environment."

And this high degree of visibility is why the systems will work, according to Noblot. "If you have a camera above your head in a lift, you tend to change your behaviour. If you know that monitoring is in place, you may think twice about doing something stupid," he said.

Tags:

reader comments

related articles

Athens Olympics

BBC uses Athens Games to showcase graphics system

Broadcaster uses Linux to improve speed and accuracy of real time results 02 Aug 2004

 

Olympic back-up staff lock down support

English Institute of Sport deploys token-based security for medical data 30 Jul 2004

Xerox readies itself for Olympian challenge

Athens Games will use 50 per cent more equipment than Sydney 2000 16 Jun 2004

IT security faces Olympian challenge

If all goes according to plan, the only Trojan Horse causing trouble in Athens this summer will be the one in the Hollywood blockbuster Troy. 04 Jun 2004

Wireless out of the running at Olympics

Games IT chiefs opt for wide area and IP-based networks as security fears KO Wi-Fi 21 May 2004

Olympic legacy to revamp Athens IT systems

Games host looks forward to inheriting £172m integrated IT infrastructure 20 May 2004

Technology crew primed for Olympian challenge

IT is vital to the Athens Games - Mark Samuels meets the other Olympic team 01 Apr 2004

Innovation

Beijing Olympics primed to break sports and IT records

Technology infrastructure master plan foresees unprecedented range of services 08 May 2008

Innovation

All systems go for Beijing Olympics

One day ahead of the start of the Olympics, the IT systems are up and running 07 Aug 2008

Innovation

Fixed deadlines will present unique challenge to the Game's technology teams

Working to an unmoveable deadline promotes motivation in big IT projects, says Olympics IT supplier 08 May 2008

related whitepapers

today's top stories

Management

IT's stock is soaring at the LSE

London Stock Exchange IT chief David Lester explains to Angelica Mari how the integration of Borsa Italiana is keeping his team busy, despite the worsening economy 20 Nov 2008

Management

Keeping IT in fashion

John Bovill has been hooked on retail since his early years as a fashion market trader. His industry knowledge is now helping him build a slick IT operation, reports Charlotte Moore 20 Nov 2008

Management

Cutting-edge IT delivers the goods

Chief technology officer Jay Bregman explains how constant innovation is part and parcel of his strategy for delivering competitive advantage at eCourier 20 Nov 2008

Management

Computing podcast: Europol's data sharing woes; credit card protection at Cotton Traders

The pan-European fight against organised crime is undermined by lax data sharing arrangements; and Cotton Traders enhances its credit card protection 20 Nov 2008

Management

Keeping IT on track

Catherine Doran, winner of Computing’s IT Leader of the Year award, tells Angelica Mari of her determination to drive on with technology-led transformation at Network Rail despite uncertainty over funding 19 Nov 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will attempts to rebrand IT as a "cool" choice of profession increase the number of IT graduates?

Will attempts to rebrand IT as a "cool" choice of profession increase the number of IT graduates?

Can brand building reverse a decline in IT graduate numbers?

Previous poll results

> More polls

Latest audio and video articles

Video

The definitive guide to converged communications

Five key trends and five best practice tips to help you improve your corporate communications 20 Nov 2008

PodcastAudio

Computing podcast: Europol's data sharing woes; credit card protection at Cotton Traders

The pan-European fight against organised crime is undermined by lax data sharing arrangements; and Cotton Traders enhances its credit card protection 20 Nov 2008

> More audio and video

Latest in-depth articles

StarFeatures

Retaining the stars of IT

Jim Mortleman investigates the innovative techniques IT leaders are using to hang on to their star performers 20 Nov 2008

Dave BaileyComment

Clouds darken outlook for Vista's successor

Windows 7 looks like being an improvement on Vista, but economic and environmental concerns may mean few enterprises will rush to adopt it 20 Nov 2008

> More in depth articles

Advertisement

Primary Navigation