SlideShare a Scribd company logo

Victorian Bushfires Royal Commission Case Study

R
Rebecca O'Dwyer
1 of 3
Download to read offline
industry: Public Sector country: Australia business challenge: Access to a secure, flexible and reliable IT infrastructure that enabled the Commission to complete its classified and time-sensitive work solution: A multi-vendor technology environment that would support the Commission’s requirements without increasing complexity or reducing time to act services: End-to-end Suite of Managed Services providing technical ability and on-call 24-hour support, enabling the Commission to function without concern for the underlying IT infrastructure results: • Provided a single point of access despite a large number of vendors and technologies, ensuring peace- of-mind • Provided technical expertise and knowledge on-hand without reliance on internal IT staff, meeting the Commission’s budgetary constraints by providing a reasonably priced service • Managed incidents successfully, including flood damage, with no disruption to proceedings or unscheduled downtimes Victorian Bushfires Royal Commission Victorian Bushfires Royal Commission Outsourced Infrastructure and Management to Dimension Data case study Executive Summary Dimension Data designed and implemented a complex IT infrastructure for the 2009 Victorian Bushfires Royal Commission, which was set up in response to Black Saturday. Management of the IT environment was outsourced to Dimension Data, who provided a single point of contact for the Commission. Client Overview The 2009 Victorian Bushfires Royal Commission was established on 16 February 2009 to investigate the causes of, preparation for, and responses to the Victorian bushfires which swept through parts of Victoria in January and February 2009. The Commission also examined the impact of the fires on infrastructure. The culmination of the 18-month inquiry was the Final Report, released on 31 July 2010. Business Challenge The Victorian Bushfires Royal Commission (the Commission) planned to establish its headquarters at 222 Exhibition Street, Melbourne. Along with the fit-out of the building, the Commission required a fully designed and implemented IT infrastructure to enable it to conduct all necessary work within stringent deadlines. As well as technical ability on call, the Commission needed to operate key services without worrying about its underlying IT infrastructure, with few internal IT staff. The most important feature within this infrastructure was rapid set-up and robust security, explains Kaye Fox, Business Services Manager at the Commission: “Security was the most critical requirement because we were responsible for sensitive and classified information, and needed to operate separately from the government. We also had to be ‘unhackable’, as there were a lot of people interested in what we were doing. We also needed to provide other potentially risky features, such as remote login, and to transfer large files to external parties.” Although the Commission’s approach was generally in favour of openness, transparency and accessibility, there were some occasions when it was necessary to close hearings or impose limitations on the publication of information in the public interest. Data was collected from a range of sources: the public, represented parties before the Commission including governments, private companies, and fire- affected individuals and communities. As a consequence, levels of security ranged from public domain to classified material, or even protected status level. Nevertheless, a significant degree of flexibility was required. The right people needed the ability to access the right category of information, either on-site or remotely. Data had to be moved around while still maintaining the applicable level of confidentiality.
case study | Victorian Bushfire Royal Commission Moreover, due to the nature of the work being undertaken by the Commission there were a number of extremely tight timeframes that had to be achieved in both the implementation and ongoing support services. Dimension Data was selected from the Victorian Government eServices Panel to audit the existing IT infrastructure at the proposed headquarters in Exhibition Street and prepare an IT infrastructure proposal based on the audit and the Commission’s anticipated needs. Dimension Data responded within two days of the request, and was subsequently engaged to design the IT infrastructure and oversee its introduction. “We really got a good product at a good price, and the service on top of that provided us with an excellent result.” Kaye Fox, Business Services Manager, 2009 Victorian Bushfires Royal Commission Solution Delivered The IT infrastructure designed by Dimension Data was complex and involved an array of vendors providing sophisticated technologies. Each was carefully selected as the best solution for the Commission’s needs, while bearing in mind budgetary constraints. In many situations, Dimension Data was able to present a range of options, enabling the Commission to select the best fit for outcome and budget. The server and workstation infrastructure, as well as security/anti-virus were provided by Dimension Data. Infrastructure services for the Commission’s users were provided by Microsoft Windows Server 2003 and 2008, such as file and print services; user authentication; enforcement of polices and settings; and automated workstation deployment. The Commission’s messaging platform was Microsoft Exchange, while SharePoint was employed for collaboration and centralised document storage. Other vendors included Cisco for core network and firewall; Check Point for internet gateway and firewall services; and Cisco IronPort for mail routing and hygiene. Secure forward/ reverse proxying and traffic shaping was provided by Blue Coat. McAfee solutions were employed for anti-virus, device encryption and intrusion protection, while RSA was utilised for two factor authentication. EMC handled storage area network (SAN). Finally, server hardware came from IBM and HP, and secure file transfer services from Accellion. Once the infrastructure was implemented, the Commission had to determine the best management model. “Initially the Commission was unsure about the best model – managing internally or externally? However, we decided to go with fully managed services. I had experience with this model before and knew it was the way to go. Not only does it provide a one-stop-shop, but one organisation takes responsibility for upgrades and other requirements. Taking the managed services path was better than managing the environment ourselves,” says Fox. Dimension Data was contracted to provide IT infrastructure maintenance and support, on-site support during business hours and 24-hour call centre desktop support and business recovery support. Server virtualisation technology was extensively deployed at the Commission. The virtualisation platform chosen was Hyper-V, a component of Microsoft Windows Server 2008, which ensured separation of the server roles, minimised the server footprint and provided disaster recovery options. The Hyper-V platform was also hardened using standardised security guidance to minimise the risk of exploitation of the virtualisation platform. A large range of measures were in place to meet the Commission’s exacting security requirements. “From the very beginning of the Commission we employed an independent security consultant to assist in meeting our security requirements. To make each element secure, Dimension Data would take our requirements, and present us with an option. We would run this past our consultant, and then implement the solution,” says Fox. Each of the Windows servers that were provisioned for the Commission was put through rigorous hardening before placing in production. All Commission workstations were configured using a Managed Operating Environment (MOE), which was locked down in accordance with the Commission’s security requirements to reduce the risk of exploitation and ensure the protection of sensitive material. In addition, if any issues were discovered, the workstations could be quickly rebuilt using the standard image and redeployed to a user. “We really got a good product at a good price, and the service on top of that provided us with an excellent result.” Kaye Fox, Business Services Manager, 2009 Victorian Bushfires Royal Commission
case study | Victorian Bushfire Royal Commission For further information visit: www.dimensiondata.com/solutionsCS / DDCC-0787 / 03/11 © Copyright Dimension Data 2011 The workstation fleet was protected by a managed anti-virus solution from McAfee. This provided malware protection, anti-virus and host intrusion prevention protection mechanisms. To reduce the chance of losing sensitive data, each of the Commission laptops had full device encryption of all data. Certain systems also utilised McAfee Host Intrusion Protection (HIPS) to proactively protect the system against zero day threats. One of the prime areas for potential loss of sensitive material and security compromise was the email system. Several different controls were implemented to minimise the risk of exposure. Email received from the internet was initially sanitised from viruses and malware using a Cisco IronPort solution, ensuring email hygiene for all incoming and outgoing email messages. To fully secure the Commission’s Exchange platform, a combination of McAfee anti- virus and Microsoft Forefront Security for Exchange was implemented. All internet traffic was also scanned for malware and viruses using a forward proxy solution provided by Blue Coat, which provided an interface between the workstations and the internet for extra security. The device also limited the use of various categories of internet content known to pose high risks of corruption, such as webmail. While this created some restrictions on speed and accessibility, the Commission’s vulnerability to data loss was further reduced. All electronic classified material was stored on a highly redundant SAN located in a secure data room. This assisted in ensuring correct access and data redundancy as well as physically securing the data holdings. The secure gateway, which was the main security asset, ensured that access to Commission systems and data was accorded only to authorised users. Public domain data – that is, declassified data – was not hosted internally but at a web hosting provider which offered more cost-effective peak load attributes. This reduced costs as bandwidth needs varied dramatically, particularly on the release of any official reports by the Commission. The gateway also included malware, intrusion detection, bad content filtering, access between secure and non-secure segments, reverse and forward proxies as well as classified black box appliances in the demilitarised zone (DMZ). An important requirement for the Commission was secure remote access to its systems for internal users when not within the headquarters, demanding thorough security measures. A secure two factor VPN solution was implemented utilising Cisco and RSA technology. This was only accessible on certain Commission laptops and access was restricted and monitored within the firewall connection. Users were also provided guidance on the connections that were able to securely access the Commission network. Security Protocol 802.1x-based mechanisms were implemented to ensure that no access was permitted from unsecured or home wireless access points. This access utilised encryption, secure gateways and strong authentication, among other mechanisms. A system-wide backup occurred nightly and backup copies were stored in a secure off-site facility to minimise the risk of data loss and provide recovery if necessary. •

Recommended

Cloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTSCloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTSAnchises Moraes
 
Cloud Security Strategy
Cloud Security StrategyCloud Security Strategy
Cloud Security StrategyCapgemini
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
 
Ohm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slideshareOhm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slidesharePeter HJ van Eijk
 
International journal of computer science and innovation vol 2015-n2-paper4
International journal of computer science and innovation vol 2015-n2-paper4International journal of computer science and innovation vol 2015-n2-paper4
International journal of computer science and innovation vol 2015-n2-paper4sophiabelthome
 
Various Security Issues and their Remedies in Cloud Computing
Various Security Issues and their Remedies in Cloud ComputingVarious Security Issues and their Remedies in Cloud Computing
Various Security Issues and their Remedies in Cloud ComputingINFOGAIN PUBLICATION
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issuesISPABelgium
 

Recommended

Cloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTSCloud computing - Risks and Mitigation - GTS
Cloud computing - Risks and Mitigation - GTSAnchises Moraes
 
Cloud Security Strategy
Cloud Security StrategyCloud Security Strategy
Cloud Security StrategyCapgemini
 
Trust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A SurveyTrust based Mechanism for Secure Cloud Computing Environment: A Survey
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
 
Ohm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slideshareOhm2013 cloud security 101 slideshare
Ohm2013 cloud security 101 slidesharePeter HJ van Eijk
 
International journal of computer science and innovation vol 2015-n2-paper4
International journal of computer science and innovation vol 2015-n2-paper4International journal of computer science and innovation vol 2015-n2-paper4
International journal of computer science and innovation vol 2015-n2-paper4sophiabelthome
 
Various Security Issues and their Remedies in Cloud Computing
Various Security Issues and their Remedies in Cloud ComputingVarious Security Issues and their Remedies in Cloud Computing
Various Security Issues and their Remedies in Cloud ComputingINFOGAIN PUBLICATION
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security IssuesStelios Krasadakis
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issuesISPABelgium
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...csandit
 
Cloud and challenges isacakenya
Cloud and challenges isacakenyaCloud and challenges isacakenya
Cloud and challenges isacakenyaTonny Omwansa
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingAbhishek Kumar Sinha
 
Cloud security and adoption
Cloud security and adoptionCloud security and adoption
Cloud security and adoptionSudsanguan Ngamsuriyaroj
 
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Unisys Corporation
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCSCJournals
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
Outsourcing control
Outsourcing controlOutsourcing control
Outsourcing controlShahbaz Sidhu
 
Privacy in cloud computing
Privacy in cloud computingPrivacy in cloud computing
Privacy in cloud computingAhmed Nour
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
 
CLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEWCLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEWJournal For Research
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIJIR JOURNALS IJIRUSA
 
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Danny Miller
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud ComputingRohit Buddabathina
 
Cloud computing: opportunities and risks
Cloud computing: opportunities and risksCloud computing: opportunities and risks
Cloud computing: opportunities and risksCloud Legal Project
 
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...Phil Agcaoili
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMTWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMNexgen Technology
 
Sandeep Profile
Sandeep ProfileSandeep Profile
Sandeep ProfileSandeep Jayaram
 
J moreno lors diversity forum 4.18.15
J moreno lors diversity forum 4.18.15J moreno lors diversity forum 4.18.15
J moreno lors diversity forum 4.18.15morenojm
 

More Related Content

What's hot

Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...csandit
 
Cloud and challenges isacakenya
Cloud and challenges isacakenyaCloud and challenges isacakenya
Cloud and challenges isacakenyaTonny Omwansa
 
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Unisys Corporation
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCSCJournals
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
Privacy in cloud computing
Privacy in cloud computingPrivacy in cloud computing
Privacy in cloud computingAhmed Nour
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIJIR JOURNALS IJIRUSA
 
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Danny Miller
 
Cloud computing: opportunities and risks
Cloud computing: opportunities and risksCloud computing: opportunities and risks
Cloud computing: opportunities and risksCloud Legal Project
 
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...Phil Agcaoili
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMTWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMNexgen Technology
 

What's hot (20)

Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
THE IMPACT OF EXISTING SOUTH AFRICAN ICT POLICIES AND REGULATORY LAWS ON CLOU...
 
Cloud and challenges isacakenya
Cloud and challenges isacakenyaCloud and challenges isacakenya
Cloud and challenges isacakenya
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
Cloud security and adoption
Cloud security and adoptionCloud security and adoption
Cloud security and adoption
 
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
Never Compromise Your Mission: 5 Ways to Strengthen Data and Network Security...
 
Cloud Computing Security Issues and Challenges
Cloud Computing Security Issues and ChallengesCloud Computing Security Issues and Challenges
Cloud Computing Security Issues and Challenges
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & Netskope
 
Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0
 
Outsourcing control
Outsourcing controlOutsourcing control
Outsourcing control
 
Privacy in cloud computing
Privacy in cloud computingPrivacy in cloud computing
Privacy in cloud computing
 
The Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud ComputtiingThe Riisk and Challllenges off Clloud Computtiing
The Riisk and Challllenges off Clloud Computtiing
 
CLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEWCLOUD STEGANOGRAPHY- A REVIEW
CLOUD STEGANOGRAPHY- A REVIEW
 
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computingIjirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
Ijirsm poornima-km-a-survey-on-security-circumstances-for-mobile-cloud-computing
 
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
Cloud computing: opportunities and risks
Cloud computing: opportunities and risksCloud computing: opportunities and risks
Cloud computing: opportunities and risks
 
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...
CSA Atlanta and Metro Atlanta ISSA Chapter Meeting May 2014 - Key Threats to ...
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
 
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMTWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
 

Viewers also liked

J moreno lors diversity forum 4.18.15
J moreno lors diversity forum 4.18.15J moreno lors diversity forum 4.18.15
J moreno lors diversity forum 4.18.15morenojm
 
Lochlan-Hunter-Resume-2015
Lochlan-Hunter-Resume-2015Lochlan-Hunter-Resume-2015
Lochlan-Hunter-Resume-2015Lochlan Hunter
 
Que es power point
Que es power pointQue es power point
Que es power pointsarasyesmi
 
October 2015 resume kingshook
October 2015 resume kingshookOctober 2015 resume kingshook
October 2015 resume kingshookkingshook mondal
 
Rotary peace fellow recruitment
Rotary peace fellow recruitment Rotary peace fellow recruitment
Rotary peace fellow recruitment nduchala
 
2005580_9 - MLC _ Resume _ General _ 2-8-16
2005580_9 - MLC _ Resume _ General _ 2-8-162005580_9 - MLC _ Resume _ General _ 2-8-16
2005580_9 - MLC _ Resume _ General _ 2-8-16Mary Lynn Coffee
 
Domestic Worker Policy in India FINAL
Domestic Worker Policy in India FINAL Domestic Worker Policy in India FINAL
Domestic Worker Policy in India FINAL Judy Zhuang
 
Kepimpinan pengawas
Kepimpinan pengawasKepimpinan pengawas
Kepimpinan pengawasFieda Ziera
 

Viewers also liked (12)

Sandeep Profile
Sandeep ProfileSandeep Profile
Sandeep Profile
 
J moreno lors diversity forum 4.18.15
J moreno lors diversity forum 4.18.15J moreno lors diversity forum 4.18.15
J moreno lors diversity forum 4.18.15
 
Annual Review 2010
Annual Review 2010Annual Review 2010
Annual Review 2010
 
Lochlan-Hunter-Resume-2015
Lochlan-Hunter-Resume-2015Lochlan-Hunter-Resume-2015
Lochlan-Hunter-Resume-2015
 
Que es power point
Que es power pointQue es power point
Que es power point
 
October 2015 resume kingshook
October 2015 resume kingshookOctober 2015 resume kingshook
October 2015 resume kingshook
 
Rotary peace fellow recruitment
Rotary peace fellow recruitment Rotary peace fellow recruitment
Rotary peace fellow recruitment
 
Resume 1
Resume 1Resume 1
Resume 1
 
2005580_9 - MLC _ Resume _ General _ 2-8-16
2005580_9 - MLC _ Resume _ General _ 2-8-162005580_9 - MLC _ Resume _ General _ 2-8-16
2005580_9 - MLC _ Resume _ General _ 2-8-16
 
Domestic Worker Policy in India FINAL
Domestic Worker Policy in India FINAL Domestic Worker Policy in India FINAL
Domestic Worker Policy in India FINAL
 
Hiccups
HiccupsHiccups
Hiccups
 
Kepimpinan pengawas
Kepimpinan pengawasKepimpinan pengawas
Kepimpinan pengawas
 

Similar to Victorian Bushfires Royal Commission Case Study

Mainstream Renewable Power chose eircom managed network services to deliver q...
Mainstream Renewable Power chose eircom managed network services to deliver q...Mainstream Renewable Power chose eircom managed network services to deliver q...
Mainstream Renewable Power chose eircom managed network services to deliver q...eircom
 
PowerPoint Presentation
PowerPoint Presentation PowerPoint Presentation
PowerPoint Presentation christina0310
 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challengexKinAnx
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challengesKresimir Popovic
 
The security story behind critical industrial networks
The security story behind critical industrial networks The security story behind critical industrial networks
The security story behind critical industrial networks odix (ODI LTD)
 
Telecity Group Corporate Overview 2009
Telecity Group Corporate Overview 2009Telecity Group Corporate Overview 2009
Telecity Group Corporate Overview 2009RoCo1980
 
Ensuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable MediaEnsuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable MediaNetwrix Corporation
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015John White
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersRishabh Gupta
 
Unchartered shores Agile Private Cloud Deployment
Unchartered shores Agile Private Cloud DeploymentUnchartered shores Agile Private Cloud Deployment
Unchartered shores Agile Private Cloud DeploymentTerence Sathyanarayan
 
Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Mekhi Da ‘Quay Daniels
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and riskEY
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms IJECEIAES
 
dataProtection_p3.ppt
dataProtection_p3.pptdataProtection_p3.ppt
dataProtection_p3.pptssusera76ea9
 
USB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines ComplianceUSB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines ComplianceNetwrix Corporation
 
EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009
EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009
EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009Manuela Moroncini
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedMatthew Moldvan
 
130424 bitkom ucc_cloud_v06
130424 bitkom ucc_cloud_v06130424 bitkom ucc_cloud_v06
130424 bitkom ucc_cloud_v06Michael Burian
 

Similar to Victorian Bushfires Royal Commission Case Study (20)

Mainstream Renewable Power chose eircom managed network services to deliver q...
Mainstream Renewable Power chose eircom managed network services to deliver q...Mainstream Renewable Power chose eircom managed network services to deliver q...
Mainstream Renewable Power chose eircom managed network services to deliver q...
 
PowerPoint Presentation
PowerPoint Presentation PowerPoint Presentation
PowerPoint Presentation
 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
 
Cloud computing security issues and challenges
Cloud computing security issues and challengesCloud computing security issues and challenges
Cloud computing security issues and challenges
 
The security story behind critical industrial networks
The security story behind critical industrial networks The security story behind critical industrial networks
The security story behind critical industrial networks
 
Telecity Group Corporate Overview 2009
Telecity Group Corporate Overview 2009Telecity Group Corporate Overview 2009
Telecity Group Corporate Overview 2009
 
Ensuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable MediaEnsuring Data Protection by controlling the Use of Removable Media
Ensuring Data Protection by controlling the Use of Removable Media
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Unchartered shores Agile Private Cloud Deployment
Unchartered shores Agile Private Cloud DeploymentUnchartered shores Agile Private Cloud Deployment
Unchartered shores Agile Private Cloud Deployment
 
Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology Cloud computing & IAAS The Dual Edged Sword of New Technology
Cloud computing & IAAS The Dual Edged Sword of New Technology
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms Cloud data security and various cryptographic algorithms
Cloud data security and various cryptographic algorithms
 
Key Capibilities.pptx
Key Capibilities.pptxKey Capibilities.pptx
Key Capibilities.pptx
 
dataProtection_p3.ppt
dataProtection_p3.pptdataProtection_p3.ppt
dataProtection_p3.ppt
 
USB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines ComplianceUSB Port Protection that Hardens Endpoint Security and Streamlines Compliance
USB Port Protection that Hardens Endpoint Security and Streamlines Compliance
 
EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009
EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009
EMC - Bruno Melandri, Cloud Computing, Milano 2 luglio 2009
 
CSO CXO Series Breakfast
CSO CXO Series BreakfastCSO CXO Series Breakfast
CSO CXO Series Breakfast
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formatted
 
130424 bitkom ucc_cloud_v06
130424 bitkom ucc_cloud_v06130424 bitkom ucc_cloud_v06
130424 bitkom ucc_cloud_v06
 

Victorian Bushfires Royal Commission Case Study

  • 1. industry: Public Sector country: Australia business challenge: Access to a secure, flexible and reliable IT infrastructure that enabled the Commission to complete its classified and time-sensitive work solution: A multi-vendor technology environment that would support the Commission’s requirements without increasing complexity or reducing time to act services: End-to-end Suite of Managed Services providing technical ability and on-call 24-hour support, enabling the Commission to function without concern for the underlying IT infrastructure results: • Provided a single point of access despite a large number of vendors and technologies, ensuring peace- of-mind • Provided technical expertise and knowledge on-hand without reliance on internal IT staff, meeting the Commission’s budgetary constraints by providing a reasonably priced service • Managed incidents successfully, including flood damage, with no disruption to proceedings or unscheduled downtimes Victorian Bushfires Royal Commission Victorian Bushfires Royal Commission Outsourced Infrastructure and Management to Dimension Data case study Executive Summary Dimension Data designed and implemented a complex IT infrastructure for the 2009 Victorian Bushfires Royal Commission, which was set up in response to Black Saturday. Management of the IT environment was outsourced to Dimension Data, who provided a single point of contact for the Commission. Client Overview The 2009 Victorian Bushfires Royal Commission was established on 16 February 2009 to investigate the causes of, preparation for, and responses to the Victorian bushfires which swept through parts of Victoria in January and February 2009. The Commission also examined the impact of the fires on infrastructure. The culmination of the 18-month inquiry was the Final Report, released on 31 July 2010. Business Challenge The Victorian Bushfires Royal Commission (the Commission) planned to establish its headquarters at 222 Exhibition Street, Melbourne. Along with the fit-out of the building, the Commission required a fully designed and implemented IT infrastructure to enable it to conduct all necessary work within stringent deadlines. As well as technical ability on call, the Commission needed to operate key services without worrying about its underlying IT infrastructure, with few internal IT staff. The most important feature within this infrastructure was rapid set-up and robust security, explains Kaye Fox, Business Services Manager at the Commission: “Security was the most critical requirement because we were responsible for sensitive and classified information, and needed to operate separately from the government. We also had to be ‘unhackable’, as there were a lot of people interested in what we were doing. We also needed to provide other potentially risky features, such as remote login, and to transfer large files to external parties.” Although the Commission’s approach was generally in favour of openness, transparency and accessibility, there were some occasions when it was necessary to close hearings or impose limitations on the publication of information in the public interest. Data was collected from a range of sources: the public, represented parties before the Commission including governments, private companies, and fire- affected individuals and communities. As a consequence, levels of security ranged from public domain to classified material, or even protected status level. Nevertheless, a significant degree of flexibility was required. The right people needed the ability to access the right category of information, either on-site or remotely. Data had to be moved around while still maintaining the applicable level of confidentiality.
  • 2. case study | Victorian Bushfire Royal Commission Moreover, due to the nature of the work being undertaken by the Commission there were a number of extremely tight timeframes that had to be achieved in both the implementation and ongoing support services. Dimension Data was selected from the Victorian Government eServices Panel to audit the existing IT infrastructure at the proposed headquarters in Exhibition Street and prepare an IT infrastructure proposal based on the audit and the Commission’s anticipated needs. Dimension Data responded within two days of the request, and was subsequently engaged to design the IT infrastructure and oversee its introduction. “We really got a good product at a good price, and the service on top of that provided us with an excellent result.” Kaye Fox, Business Services Manager, 2009 Victorian Bushfires Royal Commission Solution Delivered The IT infrastructure designed by Dimension Data was complex and involved an array of vendors providing sophisticated technologies. Each was carefully selected as the best solution for the Commission’s needs, while bearing in mind budgetary constraints. In many situations, Dimension Data was able to present a range of options, enabling the Commission to select the best fit for outcome and budget. The server and workstation infrastructure, as well as security/anti-virus were provided by Dimension Data. Infrastructure services for the Commission’s users were provided by Microsoft Windows Server 2003 and 2008, such as file and print services; user authentication; enforcement of polices and settings; and automated workstation deployment. The Commission’s messaging platform was Microsoft Exchange, while SharePoint was employed for collaboration and centralised document storage. Other vendors included Cisco for core network and firewall; Check Point for internet gateway and firewall services; and Cisco IronPort for mail routing and hygiene. Secure forward/ reverse proxying and traffic shaping was provided by Blue Coat. McAfee solutions were employed for anti-virus, device encryption and intrusion protection, while RSA was utilised for two factor authentication. EMC handled storage area network (SAN). Finally, server hardware came from IBM and HP, and secure file transfer services from Accellion. Once the infrastructure was implemented, the Commission had to determine the best management model. “Initially the Commission was unsure about the best model – managing internally or externally? However, we decided to go with fully managed services. I had experience with this model before and knew it was the way to go. Not only does it provide a one-stop-shop, but one organisation takes responsibility for upgrades and other requirements. Taking the managed services path was better than managing the environment ourselves,” says Fox. Dimension Data was contracted to provide IT infrastructure maintenance and support, on-site support during business hours and 24-hour call centre desktop support and business recovery support. Server virtualisation technology was extensively deployed at the Commission. The virtualisation platform chosen was Hyper-V, a component of Microsoft Windows Server 2008, which ensured separation of the server roles, minimised the server footprint and provided disaster recovery options. The Hyper-V platform was also hardened using standardised security guidance to minimise the risk of exploitation of the virtualisation platform. A large range of measures were in place to meet the Commission’s exacting security requirements. “From the very beginning of the Commission we employed an independent security consultant to assist in meeting our security requirements. To make each element secure, Dimension Data would take our requirements, and present us with an option. We would run this past our consultant, and then implement the solution,” says Fox. Each of the Windows servers that were provisioned for the Commission was put through rigorous hardening before placing in production. All Commission workstations were configured using a Managed Operating Environment (MOE), which was locked down in accordance with the Commission’s security requirements to reduce the risk of exploitation and ensure the protection of sensitive material. In addition, if any issues were discovered, the workstations could be quickly rebuilt using the standard image and redeployed to a user. “We really got a good product at a good price, and the service on top of that provided us with an excellent result.” Kaye Fox, Business Services Manager, 2009 Victorian Bushfires Royal Commission
  • 3. case study | Victorian Bushfire Royal Commission For further information visit: www.dimensiondata.com/solutionsCS / DDCC-0787 / 03/11 © Copyright Dimension Data 2011 The workstation fleet was protected by a managed anti-virus solution from McAfee. This provided malware protection, anti-virus and host intrusion prevention protection mechanisms. To reduce the chance of losing sensitive data, each of the Commission laptops had full device encryption of all data. Certain systems also utilised McAfee Host Intrusion Protection (HIPS) to proactively protect the system against zero day threats. One of the prime areas for potential loss of sensitive material and security compromise was the email system. Several different controls were implemented to minimise the risk of exposure. Email received from the internet was initially sanitised from viruses and malware using a Cisco IronPort solution, ensuring email hygiene for all incoming and outgoing email messages. To fully secure the Commission’s Exchange platform, a combination of McAfee anti- virus and Microsoft Forefront Security for Exchange was implemented. All internet traffic was also scanned for malware and viruses using a forward proxy solution provided by Blue Coat, which provided an interface between the workstations and the internet for extra security. The device also limited the use of various categories of internet content known to pose high risks of corruption, such as webmail. While this created some restrictions on speed and accessibility, the Commission’s vulnerability to data loss was further reduced. All electronic classified material was stored on a highly redundant SAN located in a secure data room. This assisted in ensuring correct access and data redundancy as well as physically securing the data holdings. The secure gateway, which was the main security asset, ensured that access to Commission systems and data was accorded only to authorised users. Public domain data – that is, declassified data – was not hosted internally but at a web hosting provider which offered more cost-effective peak load attributes. This reduced costs as bandwidth needs varied dramatically, particularly on the release of any official reports by the Commission. The gateway also included malware, intrusion detection, bad content filtering, access between secure and non-secure segments, reverse and forward proxies as well as classified black box appliances in the demilitarised zone (DMZ). An important requirement for the Commission was secure remote access to its systems for internal users when not within the headquarters, demanding thorough security measures. A secure two factor VPN solution was implemented utilising Cisco and RSA technology. This was only accessible on certain Commission laptops and access was restricted and monitored within the firewall connection. Users were also provided guidance on the connections that were able to securely access the Commission network. Security Protocol 802.1x-based mechanisms were implemented to ensure that no access was permitted from unsecured or home wireless access points. This access utilised encryption, secure gateways and strong authentication, among other mechanisms. A system-wide backup occurred nightly and backup copies were stored in a secure off-site facility to minimise the risk of data loss and provide recovery if necessary. •