Presentation about digital strategy, the Data Protection Act and security requirements. Presented by Simon Boxall, Information Security Officer at the London Borough of Camden, on 9 April 2014 at the Local Digital Futures event in London.
2. Camden Council
• Local Authority in the Centre of London
• £1Bn Plus Turnover
• £350 M Plus Operating Costs
• £400 M Plus Per Annum Spend on Goods and
Services
• Estimated 25,500 Businesses
• 220,000 Residents
3. Digital Strategy
• Digital by Default - 23 KM of paper on site to
less than 2 KM within 18 months
• All staff to be mobile by default able to work
at home, on the move and in third party
locations securely
• Any Device, Any Platform Access including
mobile phones and tablets
• Seamless and collaborative working across
functional and geographical locations
4. • Online Payments, Telephone Payments, Customer
Service Centre
• Income Management System
• BACS
• Fostering Care
• Vulnerable Adults
• Special Educational Needs
• Social Care
• Public Health
• Planning Housing
• Legal
• Contracts and Procurement
Financial
Data
Commercial
5. Data Protection Act – Information
Commissioners Office
Information Governance Statement of
Compliance – Adult Social Care, Children
Schools and Families
Payment Card Industry - Data Security
Standard
Public Services Network
6. Public Service Network (PSN)
N3 NHS
Citrix AD
HRPayment
systems
Bespoke
Web based services
Secure Networks
Shared Services
SaaS
8. Challenges
• Costs
– Service Desk – Users Support
– User efficiency – Time lost
• Multiple Identities
– Lots of Applications
– Management of Identities
• Legacy Applications
– No AD Web services or SAMLv2 integration
• Security Requirements
– Two-Factor Authentication
9. Freja
• Transparency
– Authentication pass-through with no user interaction
• Open Standards
– Interoperability Flexibility Federation
• Tokens
– Hard and Soft Requirement
• Compliancy
– Meeting Standards
10. • Reduce Costs
– Cost of managing multiple IdMs, Support cost
• Increase Security
– Reduce the number but increase the complexity
• Increase Efficiency
– Reduce time wasted authenticating multiple times
• Improved Business Relationship
– Heightened user experience
– Business confidence in CICT
Single Digital Identity