Working practices will not return to the way they were before lockdown and an organisation’s IT infrastructure needs to be designed to deliver the architecture that will provide the best value solutions for the required quality, performance and security. Some policy decisions which fall outside the remit of the IT department will be needed to best shape this: property strategy; scale of home working; LAN strategy – WiFi by default? – soft vs fixed phones; which collaboration tools and how and where they will be used; budget and timescale.
Most, if not all councils have flexible working to some extent and simply scaling this up may be the best approach. Regardless of this, the experience of lockdown should be used as an opportunity to re-evaluate the IT architecture. Price models will have changed making different options more affordable (the price of bandwidth continues to fall for example) and the impact of emerging technologies like SDWAN and 5G will have a part to play. What should be considered?
Data centre policy – where and how will applications and information be held. In house, hosting at a data centre or a virtual data centre? Each has its pros and cons and will depend on its contribution to the cost and risk appetite. End users are unlikely to see any discernible difference.
Network architecture – Internet, MPLS, SDWAN? If the cost benefit analysis justifies it then SDWAN would look to be the best approach, in particular the ease of management and configuration change. However, creating a network as an extension of the Internet may be simpler to manage if the network is being shared for example. And there would need to be a transition plan to move away from any existing MPLS architect. The level of trust that can be placed on the network will depend on its architecture and will be a key part of the security architecture design.
Location and management of firewalls – Firewalls are an expensive part of the infrastructure and their number and location will be an important component of the financial modelling. The optimum design for the network and data centres may require more firewalls than a less optimum approach.
Business continuity – different architectures will come with different business continuity risks and the cost of mitigating these needs to be considered. For example, applications hosted in a virtual cloud and accessed via the Internet provide a high level of resilience in the event of physical damage to equipment and circuits whereas private circuits and equipment directly protected by firewalls is more secure against cyber threats.
Sharing with other organisations – Most shared networks use MPLS as a trusted method of separating user communities. Any transition to a new architecture would clearly be more complex but it is possible to have a hybrid of more than one architecture as organisations move at different speeds.
Security architecture – The PSN CoCo has been a key factor in designing the security architecture. With the support for this being withdrawn at the start of 2020 and similarly the CAS(T) accreditation for networks there, is no public sector benchmark. NCSC are not planning to replace these with an “examination” approach but it is likely to be a more dynamic scheme that is continuously evolving as the threat landscape changes.
So, what could be the post lockdown end game. Provide every staff member who needs it with a laptop with collaboration software installed. They sit down, open up and go, at home or in any office. All offices have WiFi coverage, every phone is a soft phone, printers are WiFi enabled so there is no need for cabling.
MLL has the experience and expertise to help you make the right decisions. Our in house skills in designing networks is complemented by our close relationships with the companies that design and manufacture the key equipment. We are not tied to any one supplier and can offer impartial support, or work with your preferred supplier. And we have a good view of the future through these relationships, a view of 5G through our work supplying to the operators and an in depth understanding of Government network security strategy and how this would flow down to councils. We have a proven track record of working in partnership with our customers to achieve their best outcome.
by Ian Wilcox, Public Sector Strategist.