Insights

Chris Rose: 3.5 minute read

Managed Security – Why is it important?

The safeguarding of data for local authorities is of paramount importance and round the clock protection needs to be ensured. 

Today we expect to be able to manage everything on the move, with minimal effort and maximum protection. Managed Security Services such as the one provided by our ECLIPSE Security and Governance enable this protection for local authorities. They work round the clock to proactively address security threats and squash them before they turn into the next Wannacry virus.

What is Managed Security?

In a nutshell it is an online security service that sits behind the scenes guarding your organisation from attack. It is not a software tool. Managed Security is a complete service, combining best in breed software and skills.

With Cyber Security Managers in Local Authorities, Health and Healthcare typically have too much to do and lack the tools to safeguard citizen’s data. With the number of threats out there, it is an uphill battle and judging from the rapidly growing number of victims, it’s a battle many are not winning. Managed Security helps to re-energise defences and prevent successful attacks.

ECLIPSE Security and Governance

As an organisation our mission is to take the complexity out of people's lives through innovation in software and services. Our ECLIPSE platform is the personification of this goal, containing solutions to case management, multi-agency working practices, finance and more. It is a one of a kind platform that enables unique efficiency gains, providing more time for practitioners to spend with the most vulnerable. Managed security plays a huge role in underpinning this functionality. 

Our ECLIPSE Security and Governance team utilises a partnership approach to enterprise cyber security that offers a distinctive service, aiming to raise levels of cyber security to those appropriate for the local government and health environment. Designed by necessity, the service addresses the very particular set of issues faced by local authorities and other public sector and 3rd sector organisations.

It covers:

  • Activity Detection
    Network Intrusion Detection Systems and Host Intrusion Detection Systems

  • Asset ID and Management
    Scans all of the assets in your network (physical and Cloud based) to tag them and ensure that any change in status is noted and removed

  • Protective Monitoring
    Takes the guesswork out of security management by analysing and correlating security events across all systems

  • Threat Intelligence
    Proactively work with more than 65,000 participants in more than 100 countries to identify and remove thousands of threats per day

  • Vulnerability Scanning
    Utilises a combination of regular scans and threat intelligence sources to create a secure system

 

The security landscape can be a confusing and frustrating area where hidden costs can quickly escalate and IT tools often do not deliver their promised gains (without hard to secure specialist skills). Our Managed Security Service is different.

It provides the complete service (people, process, technology, intelligence and compliance) to ensure that your organisation's security ambitions are realised. Our cyber consultants have many years of experience advising local authorities on cyber security and are available for the provision of practical, actionable advice.

ECLIPSE Security and Governance @ Central Bedfordshire

Central Bedfordshire knew that they needed to improve their existing security arrangements. They therefore went out to market to review the available options. Whilst there were lots of different software tools and managed security providers available, the majority of them were unsuitable for the unique requirements of a local authority. They were stuck. This was until they reviewed the Managed Security Service provided by OLM.

The Security and Governance team had spent the previous three years assessing the requirements of local government cyber security in order to develop the Managed Security Service. It offered Central Bedfordshire a best of breed Unified Security Management solution based off of more than 25 years’ experience.

In April of last year, Central Bedfordshire commissioned OLM and the ECLIPSE Security and Governance team. In the same month sensors were deployed in the two main data centres and the service commenced. Bernard Sykes, Operations and Networks Manager at Central Bedfordshire Council commented on the launch;
“We quickly derived more benefit from the service than we got from the pure SIEM system we had deployed for several years”.

A phased delivery plan was agreed and a data centre technical refresh programme was implemented almost immediately. It was agreed that this would be introduced as “security by design” for the new infrastructure, rather than reengineer legacy systems that were due for replacement. This process has progressed well and Emel Morris, CIO, Central Bedfordshire Council commented about the partnership;

“The world of cyber security is a complex one, with an increased number of cyber-attacks and threats every day. OLM have the right mix of skills and tools to ensure we have an appropriate level of cyber security. Using the Managed Security Service we believe that our citizen's data is safer. The service has meant we have more visibility of potential or actual issues and can work proactively to contain and prevent them from causing harm"

In Conclusion
Cyber Security affects us all, from protecting our credit card information online to safeguarding the data of the most vulnerable. For local authorities the protection of this data is paramount as without it, it is merely a matter of time before another WannaCry style attack, safeguarding breach or financial loss rears its ugly head. All of this data is housed at the local authority and hackers are becoming more aware of this, at the same time as becoming increasingly audacious with their attacks.

A dedicated service such as the one that is offered by our Security and Governance team is essential. Local authorities have a duty of care that goes beyond the physical, which extends into every facet of the organisation. We can help them to safeguard this information.