As well as the various security tools that are available to IT teams, it is great to see the in-house development of solutions and even better when they choose to talk to the press about them.
I was recently contacted by a member of Stockport Council's ICT department who told me about a new in-house development to allow remote access to desktops. Calling it the '.Roamkey', it is ‘a secured operating system stored on a bootable USB pen drive' that allows a user to make use of an unmanaged computer to access ICT services in a secure manner.
I asked Mark Doyle from the ICT department what the circumstances were around the solution being developed. He said that the solution was developed in order to resolve a number of issues, namely that employees were previously using insecure or unmanaged equipment to access Stockport Council's ICT services and not only did this pose a risk to security of the internal networks, it also presented a risk of data leakage security.
He also said that users were experiencing difficulties configuring their personal computers to access Citrix, creating a support overhead on unsupported IT equipment, while providing extra IT equipment (laptops or thin clients) for casual home workers was proving to be ‘prohibitively expensive'.
Asked if he was inspired (either positively or negatively) by other available solutions when creating this, Doyle said: “We began developing the .RoamKey purely in response to needs identified via IT service management. We believed that we had the skills and knowledge already available within operational ICT to develop a solution.
“We had previously looked at using removable media to initiate client rebuilds. We were not aware of any similar products until after it was developed, although it became apparent at that time that a number of expensive but very similar alternatives were becoming available.
“We did review some of these but found that they offered nothing additional (for Stockport Council) to what our own .RoamKey could provide. The .RoamKey is CESG compliant (but not approved) as all our GCSX/GSI users are office based we do not have a specific requirement to implement a CESG approved product.”
Asked how this is meeting the needs of the council, its IT team and employees, Doyle said that employees are now able to make use of their own ICT equipment to securely access council provided ICT services and there is no longer any need for users to configure their own equipment or to request support form ICT.
“There is a cost saving as dedicated ICT equipment no longer needs to be purchased for casual or ad-hoc home workers and ICT can now provide .Roamkeys to staff for remote working in compliance with the Code of Connection,” he said.
Doyle said he believed that Stockport Council's ICT department was the first in the public sector to do something like this, and it has plans to sell .Roamkey to other public sector bodies and private industry.