IT in the public sector has all too frequently been viewed as a potential area for cost cutting, with the UK’s HM Revenue and Customs data loss towards the end of 2007 highlighting the problems that this can present. Given the attention placed on information security throughout last year, public sector organizations will need to maintain a focus upon such issues moving forward.
Towards the end of 2007 the Society of IT Management published its report on IT Trends in Local Government. This is the result of an annual survey sent out to in excess of 500 heads of ICT in local public sectors, including the fire services, housing associations, and local authorities. The 21st report had contributions from approximately 250 organizations, and made some significant comments on (amongst other areas) the information security aspects of IT.
While a local government body does not necessarily feel a direct financial impact from the consequences of lax information security (as can be the case in the private sector), it still has an impact on the confidence of the citizens that it serves when things go awry.
The Socitm report noted that the cost of securing information held by local government has increased significantly since the previous year, which has most likely been affected by the increase in access to services through technology. Take one very simple example: recycling bins may only be collected on a monthly basis; a citizen signs up on-line to have a text alert to their mobile phone the day before the bin is due to be collected, and this gives (in this case) the local authority more data to protect. As the report notes, it is no longer enough to protect information in one location and when it is in transit, but wherever it is and whatever device it is on.
Although local authorities are planning to buy a considerable amount of new technology, Socitm still calculates that the amounts being purchased are not sufficient to maintain the asset base at the standard planned. Increased performance and speed are great to have, but it is important that these are not made available at the expense of security and reliability.
As the Socitm report points out: The focus should not be just about the price of the technology but about the environment that the technology creates for secure, reliable service delivery.
IT managers in the public and private sectors face very similar problems and it is only that the former sector is accountable in such a public way when things go wrong, that makes their role ever more challenging. IT is not a cost center where cuts can be made – it is a department that contributes to an organization being run efficiently for its customers. Most IT departments of both public and private sector organizations will always be asked to do more with less, but the potential for compromising information security is likely to remain at the front of the minds of public sector IT managers.
Source: OpinionWire by Butler Group (www.butlergroup.com)