The efficiency drive across the public sector has seen the concept of e-government gain unprecedented attention. And while that has huge ramifications for public sector organisations’ IT infrastructure – where there is a new emphasis on flexibility and efficiency – some core requirements, such as the security of often highly sensitive data, remain paramount.

“There is a big driver to get efficiencies out of our IT architecture, but I must ensure that customers trust the council to manage records with appropriate security in place,” says Henri Reinbolt, chief information officer at Greenwich Council.

“There have been some high-profile incidents of data loss in the media and as a council we are very anxious to manage records and data properly and reassure the public we do that,” he says.

As a local authority, the council has strenuous compliance requirements. For example, it must meet PCI compliance to take e-payments in a secure manner, and adhere to the code of connection compliance (CoCo) for access to the Government Connect Secure Extranet (GCSx), which facilitates collaboration with central government services, such as the NHS.

Hytec, part of the OLM Group, has advised the council about security, including GCSx compliance and the associated network architecture.

“At the end of last year Hytec helped us with the CoCo issue to ensure our architecture is compliant with the expected requirements from central government, so it can support our modernisation programme, which centres on using the web for access and sharing information outside our domain,” says Reinbolt.

“There has been a lot of work on both infrastructure and application systems. Hytec understands what security controls are needed at the basic network layer and above layers and the constraints under which we work,” he says.

As part of that work, Greenwich has strengthened its change management processes to ensure compliance is factored in.

“It is very easy to make changes to business processes and find you are no longer compliant, but we need to ensure we stay within the rules,” says Reinbolt.

The council is moving towards a flexible working environment with about 3,000 Citrix thin clients compared to only 500 laptops and 500 desktops, and securing that environment is crucial.

“We are moving from dedicated IT resources to a pan-building environment where people can work anywhere within the council to enable flexible working and to optimise our property assets, but we have to ensure that security is acceptable from a control point of view, and we need to be very smart in our architectural design,” says Reinbolt.

Getting it right involves looking at encryption and authentication within the context of who is doing what with whom as the council increasingly has to share information outside its local environment.

“Public trust is key. We have to provide a public-service network, and cannot afford to build Fort Knox. Our architecture needs to provide us with secure flexibility,” says Reinbolt.