Empowering secure teamwork with new approaches to remote access
4 mins read
In my part of the world – working with the Government to deliver secure, critical services across agencies and departments, in as safe and sensitive a way as possible – Covid-19 has forced us to stress test a whole series of solutions.
An ongoing challenge for government has always been sourcing people for innovation, transformation and digitisation projects. There is a war for talent in these areas at the best of times, but when you add the need for high-level security clearance, there can be significant delays and cost increases involved in getting the right team assembled and working together.
We now know that it is possible to assemble a team with varying levels of security clearance to work together on a project, and to create segmented ’zones’ for remote work at different levels of sensitivity. We can ramp up capacity quickly and reduce costs, without compromising security.
Whereas security clearance for people working in normal classified areas (’low-side’) can be processed in a few months, clearance for people working in highly classified areas (’high-side’) can take more than a year to process. In the very recent past, work that involved material of a higher classification would be done entirely by people who had the highest level of clearance, even if some of them would rarely deal with the classified material, in order to minimise the risk of a breach. This greatly limited the available talent pool to government projects. And, since getting new talent cleared to the highest level takes so long, it could take a year to scale up a team, slowing down the pace of delivery and innovation; cost was also an issue: these rare resources come at a premium.
Very often, the bulk of the work could actually be done by people working low-side, and only a minority of tasks actually requires the highest level of clearance. The challenge was: how to pull together a project and see it through from end to end where some people are working high-side and some are working low-side? There had been a lot of theoretical work done on the problem. Architecture was developed and tested to a small extent over the last few years, and it appeared to work. But because of a risk-mitigation approach in the sector, few solutions had ever been fully deployed in a live environment.
When the Covid-19 crisis hit, everyone was pushed ’outside of the wire”, but work had to continue. A solution had to be found for people to be able to continue working their secure jobs and for people working high- and low-side to collaborate. It turned out that a huge percentage of the work could successfully be done using the methods and solutions we had previously proposed but never implemented.
What this means for government departments is that they can now build platforms, systems and programmes that enable suppliers to provide them with staff at much greater capacity, at the right security clearance, to do the work that they need done. Now that mixed-clearance teams can work from anywhere, the bulk of the new team members can get a straightforward security check and start working within a few months.
Departments using this new way of managing teamwork and access will have the capacity to rapidly improve security, transformation and digital defensive solutions. And there are growing needs that can be addressed by largely low-side teams: for example helping to tackle local terrorism, cyber-attacks, and crime. Attacks on small and medium enterprises are vastly under-reported. Only 1% of attacks on small businesses ever get reported and only 1% ever go to conviction, because victims fear the business interruption that will happen if they report the attack. This means that cyber-attacks are continually rising, hurting our economy and making people unsafe. We can address this issue faster and better if we can have people working low-side at the right capacity.
The Covid-19 crisis has demonstrated that secure networking systems and collaboration solutions are secure and effective at scale. This is an important positive outcome of the crisis which could benefit many departments and projects in central and local government.
This means Government can draw on whole new talent and innovation pools and do it at speed and to scale. What used to take a year can now be achieved in a month – enabling clients rapidly to increase their capacity to work on transformation and digital projects that require security clearance. It means we only use individuals with the highest level of clearance when it is actually needed.
The pandemic has forced us to go home and go online: from our shopping habits, to the way we learn, to the way we engage with government – we have had to rethink and reset. We won’t be able to put that particular genie back into the bottle. Expectations of the wider population to self-serve with Government – easily, safely, sensitively – will continue to grow, not recede and we will need to work out how we do that in an increasingly imaginative and intuitive way.
In the words of Dirk Gently - “Let's think the unthinkable, let's do the undoable. Let us prepare to grapple with the ineffable itself, and see if we may not eff it after all.”
Government Market Leader
Kevin Nicholas is an expert in digital innovation and transformation and its use in the public sector to create safer, healthier, and more prosperous nations. He leads Government work, where his focus will span healthcare, defence, policing and justice, and central government to deliver better outcomes to the citizens of the UK.