Security vs Access

It’s interesting to see how the right sort of tension in the workplace can bring about better results in what a team is trying to achieve. I’m working on a long-term project at the moment for the Isle of Man Government, which is tasked with putting a number of services online for citizens to use. This implies access to a number of back-end systems which normally would only be accessible to civil servants on the Government network.

We have built an infrastructure to deliver these services; however, in order to access real-time data on back-end systems we need to enable communication from the Government’s website all the way to the relevant back-end system. And this has made us extremely unpopular with some of the security team.

So, where are the security bods coming from? Well, one of their fundamental principles is that there is a security perimeter around the organisation and NOTHING should be able to traverse this unless it is initiated from inside the organisation. It’s a valid principle; however, following this principle to the letter would mean we could not provide any online services without staging data outside the internal network. Doing this would have been impossible for us, not only because of the volume of data we were talking about, but primarily because we’re not simply providing access to data, but actually integrating the citizen into a business process that’s running on Government systems.

So were the security team an obstacle for us? I wouldn’t say so, though I might say they were a challenge to accommodate. The beauty of the relationship, though, was that they questioned us every step of the way, and because of this we produced a more robust, elegant and secure solution. Exposing core systems to the Internet is not something that should be taken lightly and the security team made sure we didn’t take the easy way out. So thank you guys, together we’ve built a better solution for everyone.
