Strategy for Mobile ID
|
|
- Jean Chambers
- 8 years ago
- Views:
Transcription
1 Mobile ID Devices Strategy for Mobile ID 20 September 2013 Version 2.1
2 Strategy for Mobile ID Solutions Contents Summary...1 Context...2 Police and immigration services...2 Mobile solutions generally...2 Mobile applications for police and immigration...2 Characteristics specific to police and immigration use...3 e-mobidig...3 Suggested Good Practice...4 1: Take a strategic approach focused on business benefits...4 2: Describe the vision and roadmap...4 3: Mobilise business process not just technology...4 4: A mobile device is a component not a solution...4 5: Smart infrastructure the secure central hub...5 6: Understand connectivity...6 7: Excellence across several technologies...7 8: Pilot and learn...7 9: Test robustly...7 Strategy...8 Your next move: developing a strategy for mobile solutions...8 Self-check: Where is my strategy?...9 Editorial note This is Version 2 of an e-mobidig strategy paper and suggests considerations for police and immigration in developing a strategic approach for mobile identification solutions. It replaces the earlier Version 1 which was more a strategy approach for the e-mobidig group itself. Comments are welcome. Frank Smith, Chair, e-mobidig frank.smith@homeoffice.gsi.gov.uk
3 e-mobidig EU Mobile Identification Interoperability Group Supporting police and immigration use of mobile solutions Strategy for Mobile ID Solutions Summary Mobile technology is improving rapidly. This has important implications for police and immigration officers working away from fixed locations, for example on patrol or at the border, particularly in relation to identification. Participants in the e-mobidig working group are clear that mobile solutions can make a valuable contribution to policing and immigration and border control but that sound principles need to be followed taking account of previous experience and lessons learned. A strategic approach is needed focusing on overall business benefits to the organisation as a whole. This guide suggests good practice to be followed. Strategy on the use of mobile devices is decided at national rather than EU level but this paper presents thinking from e-mobidig which we hope will help Member States in this task. Key suggestions on good practice from e-mobidig, described in this paper, are: 1. Take a strategic approach focused on business benefits. 2. Describe the vision and roadmap. 3. Mobilise business process not just technology. 4. A mobile device is a component not a solution. 5. Smart infrastructure the secure central hub. 6. Understand connectivity. 7. Excellence across multiple technologies. 8. Pilot and learn. 9. Test robustly. Discussion at meetings of the e-mobidig working group have contributed to a series of further papers: (2) Use cases examples of how mobile ID devices could be used. (3) Country examples illustrating projects and developments in particular EU Member States. (4) Technical guide what technologies are relevant to mobile ID devices and key aspects of what is important to consider. (5) Standards examples of agreed standards relevant to this area. 1
4 Context Police and immigration services Each Member State in the EU has operational services responsible for policing and immigration, even though the allocation of responsibilities and legal powers may differ. In doing their work, officers from these services have to distinguish between people who are honest about their identity, and others who try to avoid identification, possibly because they are wanted as suspects for a crime, because they are engaged in unlawful activity and want to conceal their presence, or because they are using false documents or identity. Mobile solutions generally Mobile devices have been undergoing a radical transformation. In the mass market, consumers have been liberated from having to use desktop computing at fixed locations to access the internet: they now can have affordable handheld smartphones and lightweight tablets built for easy use on the move. With these they can book travel, hotels and entertainment, make payments, and message social friends in real-time, keep up to date with the latest news, locate where they are on a map and navigate to another place or search for local information, search the internet globally and download and install new software applications that leverage the high volume of sales to achieve very low price. New and better devices and improved mobile communications such as 4G continue to be developed. All of this is creating a powerful awareness of the technology and its capability, and officers increasingly expect similar technology to be available to them at work to access systems previously only available at fixed locations. This vision is inspiring innovation, though users may be less conscious that particularly for immigration and police, solutions continue to need rigorous security controls to protect confidential core systems from attack, and that bespoke solutions do not benefit from the same very large user base to spread costs and reduce price. Mobile applications for police and immigration Possible applications of mobile technology for immigration and police use: Authenticating travel and identity documents using secure (cryptographic) technology to authenticate a travel or identity document and information held on the chip, such as face images and the holder s name. Fingerprint verification from travel / identity documents EU chipped documents increasingly contain fingerprints of the authorised holder, allowing more secure validation that the right person is presenting the document. Fingerprint search of central systems to confirm identity or search reference systems, watchlists, etc. Biographic checks against central identity systems e.g. to check whether someone is wanted by the police or is a previous offender, or whether a travel or identity document presented to the officer has been reported lost or stolen. Business transactions (casework) at remote locations requiring more conventional desktop services and access to systems, and possibly enrolment of biometrics, decisions, enforcement notices, etc. Capturing evidence written statements, photographs, voice recording, interviews, geo-tagging. 2
5 Rapid deployment to respond to an urgent operational need such as many unexpected arrivals at a remote border crossing; a planned operation; or other reasons for urgent deployment of officers away from the office. Others checks against central identity systems e.g. driving licence, vehicle identification Receiving and sending information from/to the central control room Writing reports Contributing to forensic crime scene analysis. Mapping and location-based services using geo-location technology to manage operations, determine current position, log and report position and time, display reference information and intelligence relevant to the location, navigate, and geo-fence operational areas where a device will work. See also the e-mobidig papers on use cases and country examples. Characteristics specific to police and immigration use The police and immigration market can benefit hugely from all of these developments, but perhaps not in standard form. This market needs particularly: Software development to connect to specialist applications for police and immigration including fingerprint matching and the protocols and infrastructure to authenticate secure passport and ID card chips. Support for external devices such as fingerprint readers. A strong emphasis on security so that a mobile device can be locked down to prevent malicious changes to the software; encryption to protect communications, data held on the device; and rigorous control over access to core systems. Many mobile consumer devices are designed to enable software easily to be downloaded and installed by the user this has to be prevented on a device for police or immigration use. Robust physical devices that will stand up to operational policing and immigration use. If needed, use of specialist data networks for emergency services (e.g. Tetra). Development of infrastructure and systems to work with the mobile devices. Although operationally independent, there are strong similarities between police and immigration work in different MSs are there more opportunities for sharing of good practice, solutions? Structures and the division of responsibilities between police and immigration may differ between countries. Nevertheless, there are opportunities to share good practice between MSs, as shown by e-mobidig. Are there also opportunities to share the design of solutions, and perhaps purchasing of common equipment, between MSs? e-mobidig The e-mobidig working group (EU Mobile Identification Interoperability Group) brings together practitioners and experts in police and immigration services, in different Member States, and in industry and government, to understand developments and trends relevant to mobile ID devices; to recommend how to develop good solutions and strategies; and to help others to avoid repeating expensive mistakes that can be made. This paper on strategy should be read with the other reference papers published by the working group. 3
6 Suggested Good Practice The following good practice suggestions arise from discussions and presentations in meetings of the e-mobidig working group. 1: Take a strategic approach focused on business benefits A strategic approach means focusing planning and delivery on solutions that support the primary aims of the organisation as a whole, judging success on the outcomes achieved. It means designing and building ideas that work well operationally, driving out potential benefits rather than just delivering technology. A strategic approach for mobile solutions would also see common technology being planned (devices, back end systems and infrastructure) that can be re-used, not multiple individual solutions, risking duplication, poor interconnection and missed opportunities. What are the outcomes the organisation expects from an investment in mobile technology, focusing on the business benefits? How will evidence be obtained to prove that planned benefits are achieved in practice? 2: Describe the vision and roadmap To show the organisation what a strategic approach would look like and to gain support for co-operating to deliver that, a vision of what that end-state looks like is needed. It may well not be possible to build a full strategic solution from the outset. A roadmap is helpful to show how the organisation can progressively build new applications and infrastructure to work from where they are now towards realising the vision. Piloting and learning (see below) will help to validate expected benefits and decide whether each potential application should be rolled out. 3: Mobilise business process not just technology Developing a good technical solution that works well, away from a fixed location and network is important, but if it is used with the old business process, results may be poor. To achieve full potential benefit from a mobile development, the technical design and the business process design should be considered together. It may be better to work in a new way to take full advantage of a new mobile solution. Change management and user training are important. Planned benefits can be lost if users are under little pressure to use mobile solutions effectively (or at all) effective use may well require consistent management effort to drive out full delivery of planned benefits. 4: A mobile device is a component not a solution New and more capable mobile devices are being produced all the time. A device may enable a solution or help to deliver a good strategy, but no device on its own can be a mobile strategy or complete solution. Some observations: Is there one ideal mobile device? Probably not for a whole police force or immigration service: suitability for purpose can only be judged in relation to particular business needs which are likely to vary between users and business functions. Different users may need a small smartphone for best mobility; some may need the larger screen of a tablet to view more information with limited input required; others may need a larger screen with extensive input and find that a laptop is best for them; and some but not all of these may need multiple peripherals such as camera, fingerprint reader, document reader and/or printer. Some may need long battery life for continuous mobile operation; others will be 4
7 more intermittent users. The ideal solution may be a range of mobile devices, with good interoperability and the capability to adapt over time. A device agnostic approach is therefore desirable, trying to make the overall strategy more independent from particular devices and suppliers. Standard interfaces may help to make it easier to add new devices and avoid lock in to one solution. Mobile device management (MDM) should be included in a mobile strategy, helping to deliver good control and security, managing users and access rights and tracking who is responsible for every unit, at which location. Cost effective MDM solutions are available e.g. through cloud technology and can increase capacity and help to reduce support and back office costs. 5: Smart infrastructure the secure central hub The need for supporting a range of mobile devices and of back end systems accessed by mobile users argues for an architecture based on some form of central, secure hub supporting the service for mobile users. This would connect to multiple devices and to multiple back end solutions to orchestrate complex transactions using middleware. The relationship between mobile devices, the hub, and reference systems is shown in this figure (see also the e-mobidig Technology Guide). Mobile device A Mobile device B Mobile device C Mobile device D Security Firewall, VPN Middleware Secure integration Connections Services Presentation, orchestion, data sharing, control, audit, software re-use System 1 e.g. fingerprint system System 2 e.g. watchlist system System 3 e.g. ops management system System 4 e.g. PKI central source An example of a complex, orchestrated search possible with this architecture would be a fingerprint search to identify someone. Once the fingerprint system had returned an identity, the hub could use this to search other reference systems, to locate further information on that person, and then prioritise and arrange the information to present it concisely on screen. A hub can help in re-use of services so that a new device can readily make use of existing reference systems and workflows, and a new reference system can more easily be made available to existing mobile devices. A smart design of infrastructure can help to manage complexity to deliver an effective, secure and adaptable strategic solution serving multiple device types and connected to multiple back end systems. It is however important to set and manage realistic expectations about what can and cannot be achieved. 5
8 Such a solution, though strategic for mobile users, may however not be implemented in isolation from broader strategic considerations for the organisation as a whole. Solutions for mobile users may only be one example of a broader, enterprise-wide approach the organisation wants to implement. For example the hub shown above may be one example of an enterprise-wide shared messaging and workflow approach often described as an Enterprise Service Bus; federated searching and identity management / resolution, and a common data platform providing a single version of the truth and shared links to external partner organisations may all be shared solutions of which mobile devices and users are only one of many users. A broader, enterprisewide solution for immigration may look like the following (illustrative only): Mobile users and devices Internal desktop users International / external partners (proven / trusted) Customers : public, business (unknown status?) Security Firewall, VPN different security rules for different classes of user Enterprise Service Bus Integration, messaging Presentation, orchestion, data sharing, control, audit, software re-use Limited security zone Confined area for lower trust users e.g. customer selfservice accounts Common Data Platform Biometrics Case management Border / travel Reporting / data warehouse 6: Understand connectivity Mobile communications can be a powerful enabler for access to business functions on the move, and continues to improve. However, connectivity can also be problematic and will not always be perfect (or even available), in every location. Even though fixed and mobile communications are increasingly converging, mobile communication is not (yet) a universal replacement for a fixed networks. It is important to understand why mobile communications can be problematic, where there are limitations and how improvements may be achieved (see further explanation in the Technical Guide). A solution needs to be mobile aware it needs to be built with a good understanding of where mobile solutions differ from their fixed equivalents. Are communications always necessary? Can a device operate some or even all of the time with no communications? If all the reference data needed to do a job can be loaded onto a device before an officer starts duty, and all data collected be transferred from the device after the duty (example: enforcement tickets?), communications may not be needed for that task, resulting in a lighter device with more battery life because radio is not used. If a device can operate some of the time with no signal (example: fingerprint enrolment from several people?) and then be moved to where the signal is good to resume connection, to send the data and obtain a result, the device will be more tolerant of poor and interrupted connectivity. 6
9 7: Excellence across several technologies Excellence in mobile solutions and strategies needs excellence in several technologies and methods, e.g. mobile technology, mobile communications, security, biometrics, secure authentication of documents this needs sufficient expert knowledge in all these subject areas, plus integration of different streams into a single solution. 8: Pilot and learn Mobile solutions cannot just be designed on paper they require a highly practical solution that works for the organisation and its officers, in the actual context. Design and analysis can go a long way, but ideas may need to be tried out and perfected (or even, rejected) in operational use. Piloting on a smaller scale in live operation may be very effective in validating ideas, for example before a larger rollout. Even if the device is right, lessons may still need to be learned about how best to use them in the business process for maximum value, to train users effectively, and so on. Good piloting and learning will improve users confidence in the solution. Make sure that lessons learned are included in user training. How can you deliver a strong mobile solution where there is no existing experience? One suggested framework is to get there in three stages: (1) Proof of concept (PoC) prototyping an initial solution and simulating operational conditions to understand business requirements and demonstrate technical feasibility; (2) Proof of Value (PoV) a trial of the technology and processes with a limited user group in operational conditions to demonstrate that benefits can be achieved; before (3) Full rollout of what is by now a proven solution in which you have confidence. 9: Test robustly There are a lot of ways in which a mobile solution may not be fit for purpose. Functional testing is one aspect does it do what it is supposed to do? Nonfunctional testing is also critical is the device reliable and quick enough in practice? Is it able to be used and understood by real users in real use? If the device encounters a connection problem is it able to recover cleanly and automatically? Is the device secure and able to resist all foreseeable attacks, especially as the integrity and protection of core systems could be at risk? Will the solution work at the full loading of transactions required at peak? The approach taken to all aspects of testing must be robust the device needs to be proved to work effectively in real, operational conditions, not just in the laboratory. Testing must expose and resolve any shortcomings before rollout to large numbers of users, including testing new business processes enabled by the mobile solution. Once the right test approach has been found, define it clearly as a test standard for the organisation so that it can be repeated consistently when needed. 7
10 Strategy Your next move: developing a strategy for mobile solutions We believe that many organisations have still to develop a real, organisation-wide mobile strategy. Several have implemented mobile solutions as a tactical approach to solve a particular business issue. It is clear that mobile solutions will become more significant and pervasive over the next decade and there is therefore an increasing need to progress to a full mobile strategy within organisations. e-mobidig would encourage immigration and police services: To note the developments in mobile technology that are taking place and to consider the strategic opportunities these bring for increasing effectiveness and delivering business benefits. e-mobidig encourages each organisation to investigate potential benefits and to develop a strategy for effective use of mobile solutions. When considering a proposal for the use of mobile technology, this is a good opportunity to consider whether this should be progressed as a tactical or strategic solution. A tactical solution particularly with the opportunity to pilot ideas for further development may still be the right approach, but it is worth considering what is best for the organisation whether a more strategic approach should be adopted. To note the good practice advice set out in this paper and in other working papers from the working group. e-mobidig intends to continue to work to identify and share good practice in this field, but encourages others to recognise that no two organisations are identical and that analysis is still needed for the individual circumstances of each organisation. Potential main areas for business benefit from mobile solutions may include: Clearer, quicker, more certain identification of people away from a fixed police or immigration office. This benefits officers in reducing doubt about someone s identity or possibly their intentions, and where appropriate in alerting the officer to important information. It benefits the genuine person who is correctly asserting their identity. It may increase the possibility of detecting identity fraud or apprehending people who are wanted for some reason by the authorities. Benefits may include: increase in operational success and assurance on identity, decrease in missed identification of wanted persons and those considered likely to engage in criminal activity. This may therefore also generate benefits through saving of time and cost in bringing a suspect to a fixed office to do identity checks, potentially unnecessarily. Benefits may include: increase in productivity, saving of staff time / cost, saving of vehicle / fuel costs, potentially savings in office costs because less office space is required with more officers able to work at full productivity away from base. Clearly, all use of mobile (or fixed) systems for identification or other purposes involving personal information must be in accordance with the law within each country, including privacy and data protection, and with operational guidance issued by the service in question. 8
11 Self-check: Where is my strategy? How would you describe your organisation s strategy in relation to mobile solutions? Level Description Commentary 1: Observing We see potential value but are watching developments before committing. Prudent let others make the mistakes and we can learn. Risk-averse? There is already growing capability, and some learning can only be obtained by operational experience. Time to start piloting and thinking about future strategy? 2: Tactical 3: Strategic We have a mobile device for use in the field that connects to one of our core IT systems and are thinking of some further developments. We have an organisationwide mobile strategy and have embedded mobility in our culture. We exploit mobile technology in a coordinated way using a range of mobile devices in several business functions, accessing several core IT systems. This delivers real improvements to our efficiency and effectiveness in achieving the aims of the organisation as a whole. Tactical solution aims to fix or help a specific problem and set of people within the business. Can be a good way to start. Beware of building multiple solutions that do not interconnect. Encourage a more strategic approach for the whole organisation / all solutions. Strategic approach aims to maximise benefit for the whole organisation. Joined up. Coherent. Please share your good experience and lessons learned with others (including e-mobidig). Targeting substantial benefits at the strategic level should provide greatest advantage for an organisation, but requires a sustained, long-term programme to achieve. It is not a simple solution or a quick fix. But to make a long journey you must take the first step and then many more to follow. 9
Information Services Strategy 2011-2013
Information Services Strategy Issue 1 1 Introduction The States of Jersey public sector is facing significant pressure for efficiencies and savings. This has created the context to take a fresh look at
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationAudio: This overview module contains an introduction, five lessons, and a conclusion.
Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules
More informationTechnology Strategy April 2014
Technology Strategy April 2014 Contents Overview 1 Our environment 1 Why change? 2 Our vision for technology what success looks like 3 Our approach 7 Transformation shifts how will we know we have been
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationStart building a trusted environment now... (before it s too late) IT Decision Makers
YOU CAN T got HAP Start building a trusted environment now... IT Decision Makers (before it s too late) HAP reference implementations and commercial solutions are available now in the HAP Developer Kit.
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationBusiness Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL:
Module Db Technical Solution Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL: Cost is reduced through greater economies of scale, removal of duplication
More informationThe Convergence of IT Security and Physical Access Control
The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which
More informationGOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.
PERSONAL IDENTITY VERIFICATION (PIV) OVERVIEW INTRODUCTION (1) Welcome to the Homeland Security Presidential Directive 12 (HSPD-12) Personal Identity Verification (PIV) Overview module, designed to familiarize
More informationEnterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment. Paul Luetje Enterprise Solutions Architect
Enterprise Mobility Management Migration Migrating from Legacy EMM to an epo Managed EMM Environment Paul Luetje Enterprise Solutions Architect Table of Contents Welcome... 3 Purpose of this document...
More informationDriving License. National Insurance Number
STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of
More informationMOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES
MOBILITY & INTERCONNECTIVITY Features SECURITY OF INFORMATION TECHNOLOGIES Frequent changes to the structure of enterprise workforces mean that many are moving away from the traditional model of a single
More informationEnd-to-end security with advanced biometrics technology
www.thalesgroup.com Identity Management End-to-end security with advanced biometrics technology Challenges and opportunities With the explosion in personal mobility and growing migratory flows, governments
More informationEnd-to-end security with advanced biometrics technology
www.thalesgroup.com Identity Management End-to-end security with advanced biometrics technology Challenges and opportunities New environment With the explosion in personal mobility and growing migratory
More informationManaging Mobility. 10 top tips for Enterprise Mobility Management
Managing Mobility 10 top tips for Enterprise Mobility Management About Trinsic Trinsic is a new kind of business communications specialist, built from the ground up to help your organisation leave behind
More informationFuture directions of the AusCERT Certificate Service
Future directions of the AusCERT Certificate Service QV Advanced Plus certificates Purpose Digital signatures non-repudiation, authenticity and integrity Encryption - confidentiality Client authentication
More informationMobile Driver s License Solution
Mobile Driver s License Solution Secure, convenient and more efficient Improved identity protection through secure mobile driver s licenses The introduction of a mobile driver s license is a huge opportunity
More informationBorders, Immigration and Identity Action Plan. Using the National Identity Scheme to strengthen our borders and enforce compliance within the UK
Borders, Immigration and Identity Action Plan Using the National Identity Scheme to strengthen our borders and enforce compliance within the UK Home Office December 2006 Contents Foreword by the Home Secretary
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationWhat We Do: Simplify Enterprise Mobility
What We Do: Simplify Enterprise Mobility AirWatch by VMware is the global leader in enterprise-grade mobility solutions across every device, every operating system and every mobile deployment. Our scalable
More informationIndustry. Head of Research Service Desk Institute
Asset Management in the ITSM Industry Prepared by Daniel Wood Head of Research Service Desk Institute Sponsored by Declaration We believe the information in this document to be accurate, relevant and truthful
More informationOperating in a New Digital Economy. DAV Management Limited. Delivering your strategy in a world becoming increasingly digital. www.davmanagement.
Operating in a New Digital Economy Delivering your strategy in a world becoming increasingly digital DAV Management Limited www.davmanagement.com Copyright Copyright DAV Management Limited 2015 All Rights
More information"Secure insight, anytime, anywhere."
"Secure insight, anytime, anywhere." THE MOBILE PARADIGM Mobile technology is revolutionizing the way information is accessed, distributed and consumed. This 5th way of computing will dwarf all others
More informationLCS Quick Start Service
BT s Quick Start service is a set of engagements that will enable you to deploy Microsoft Office Live Communications Server 2005 (LCS) into your network, providing an enterprise-grade, real-time communication
More informationLongmai Mobile PKI Solution
Longmai Mobile PKI Solution A quick Solution to External and Internal fraud in Insurance Industry Putting the client at the center of modernization Contents 1. INTRODUCTION... 3 1.1 Challenges... 3 1.2
More informationNSW Government. Wireless services (WiFi) Standard
NSW Government Wireless services (WiFi) Standard May 2014 CONTENTS 1. CONTEXT 2 1.1. Background 2 1.2. Purpose 2 1.3. Scope and application 2 2. STANDARDS GOVERNANCE 2 2.1. Standards to support the ICT
More informationBiometrics and Cyber Security
Biometrics and Cyber Security Key Considerations in Protecting Critical Infrastructure Now and In The Future Conor White, Chief Technology Officer, Daon Copyright Daon, 2009 1 Why is Cyber Security Important
More informationA guide to access control for manufacturing sites
A guide to access control for manufacturing sites What is access control? Access control provides the ability to control, monitor and restrict the movement of people, assets or vehicles, in, out and round
More informationSmall businesses: What you need to know about cyber security
Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...
More informationInformation Security
Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff
More informationCRM for Customer Service and Support
CRM for Customer Service and Support Maximize satisfaction. Drive repeat business Servicing customers effectively is a key component in growing your business through loyal, repeat buyers. Whether it s
More informationBuilding an Effective Mobile Device Management Strategy for a User-centric Mobile Enterprise
Building an Effective Mobile Device Management Strategy for a User-centric Mobile Enterprise Jan Wiewiora White Paper Introduction Users are increasingly relying on smartphones and tablets for work. Recent
More informationTHOUGHT LEADERSHIP PAPER
THOUGHT LEADERSHIP PAPER How to achieve competitive advantage with an enterprise mobile app In today s competitive business climate the pressure is on to make efficiency savings and improvements in customer
More informationWhite Paper Delivering Web Services Security: The Entrust Secure Transaction Platform
White Paper Delivering Web Services Security: September 2003 Copyright 2003 Entrust. All rights reserved. Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More information, Head of IT Strategy and Architecture. Application and Integration Strategy
IT Strategy and Architecture Application DOCUMENT CONTROL Document Owner Document Author, Head of IT Strategy and Architecture, Enterprise Architect Current Version 1.2 Issue Date 01/03/2013 VERSION CONTROL
More informationThe Cloud for Productivity and Mobility
The Cloud for Productivity and Mobility A Guide for Small and Midsize Business As mobile work becomes the norm, turn to cloud-based solutions to extend productivity, collaboration, and business management
More informationHow To Get Smart Cards From Atos
secure authentication and trusted identity delivering assurance and efficiency to every sector with CardOS Smart Card Solutions Your business technologists. Powering progress Delivering certainty through
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationWhat to Look for When Selecting a Master Data Management Solution
What to Look for When Selecting a Master Data Management Solution What to Look for When Selecting a Master Data Management Solution Table of Contents Business Drivers of MDM... 3 Next-Generation MDM...
More informationNetwork/Cyber Security
Network/Cyber Security SCAMPS Annual Meeting 2015 Joe Howland,VC3 Source: http://www.information-age.com/technology/security/123458891/how-7-year-old-girl-hacked-public-wi-fi-network-10-minutes Security
More informationA guide to enterprise mobile device management.
WHITEPAPER A guide to enterprise Beyond expectation. www.azzurricommunications.co.uk Introduction. As smartphones and tablets proliferate in the enterprise, IT leaders are under pressure to implement an
More informationSecuring mobile devices in the business environment
IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile
More informationTHOUGHT LEADERSHIP PAPER
THOUGHT LEADERSHIP PAPER How to develop successful mobile applications for your business As consumers we increasingly expect information and services to be available wherever we are and on whatever device
More informationWhite Paper On Pilot Method Of ERP Implementation
White Paper On Pilot Method Of ERP Implementation Rod Clarke Rod Clarke provides guidance, advice and support to businesses in successfully applying IS/IT in support of their business goals. He brings
More informationSmall businesses: What you need to know about cyber security
Small businesses: What you need to know about cyber security Contents Why you need to know about cyber security... 3 Understanding the risks to your business... 4 How you can manage the risks... 5 Planning
More informationCPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS
CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Recommended Practice: Configuring and Managing Remote Access
More informationSymantec Mobile Management for Configuration Manager 7.2
Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices
More informationA guide to Access Control in care homes
A guide to Access Control in care homes www.bsia.co.uk 1 of 8 What is access control? Access control provides the ability to control, monitor and restrict the movement of people, assets, or vehicles in,
More informationMobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall
Mobile security and your EMR Presented by: Shawn Tester & Allen Cornwall Date: October 14, 2011 Overview General Security Challenges & best practices Mobile EMR interfaces - EMR Access - Today & Future
More informationCloud Based Device Management Using Enterprise Mobility Suite Production Pilot Service Definition Document
Microsoft Services - GCloud 7 Catalogue Cloud Based Device Management Using Enterprise Mobility Suite Production Pilot Service Definition Document 1 Overview of the Service 1.1 Service Objectives The 2
More informationAlternative authentication what does it really provide?
Alternative authentication what does it really provide? Steve Pannifer Consult Hyperion Tweed House 12 The Mount Guildford GU2 4HN UK steve.pannifer@chyp.com Abstract In recent years many new technologies
More informationMAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013
MAESON MAHERRY 3 Factor Authentication and what it means to business. Date: 21/10/2013 Concept of identity Identity and Access Management Authoritive Identity Source User Identity Feed and Role Management
More informationSymantec Mobile Management 7.1
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology,
More informationQueensland gets great service
The department is committed to delivering high quality services that meet the needs of the Queensland community. We will continue to do this by seeking new and better service delivery and funding models,
More informationIs your business secure in a hosted world?
Is your business secure in a hosted world? Threats to the security of business data are constantly growing and evolving - What can you do ensure your data remains secure? Introduction The safe use of computer
More informationGuide to Evaluating Multi-Factor Authentication Solutions
Guide to Evaluating Multi-Factor Authentication Solutions PhoneFactor, Inc. 7301 West 129th Street Overland Park, KS 66213 1-877-No-Token / 1-877-668-6536 www.phonefactor.com Guide to Evaluating Multi-Factor
More informationPRIME IDENTITY MANAGEMENT CORE
PRIME IDENTITY MANAGEMENT CORE For secure enrollment applications processing and workflow management. PRIME Identity Management Core provides the foundation for any biometric identification platform. It
More informationSecureCom Mobile s mission is to help people keep their private communication private.
About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended
More informationPKI Deployment Business Issues
An OASIS PKI White Paper PKI Deployment Business Issues By Amir Jafri and June Leung (FundSERV Inc.) For the Oasis PKI Member Section OASIS PKI White Paper OASIS (Organization for the Advancement of Structured
More informationDISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com
DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious
More informationBring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In?
Bring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In? Bruce Alexander Product Specialist- Wireless and Mobility Bret Straffon Product Specialist-Security
More informationAssessment of Software for Government
Version 1.0, April 2012 Aim 1. This document presents an assessment model for selecting software, including open source software, for use across Government, and the wider UK public sector. 2. It is presented
More informationManchester City Council Role Profile. Enterprise Architect, Grade 12
Key Role Descriptors: Manchester City Council Role Profile Enterprise Architect, Grade 12 ICT Service, Corporate Core Directorate Reports to: Head of Enterprise Architecture Job Family: Technical This
More informationWHAT YOU NEED TO KNOW ABOUT CYBER SECURITY
SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes
More informationGlossary of Key Terms
and s Branch Glossary of Key Terms The terms and definitions listed in this glossary are used throughout the s Package to define key terms in the context of. Access Control Access The processes by which
More informationManaged Mobility from O 2
Secure, managed, flexible working From network connectivity, to secure device management and custom apps our Managed Mobility solutions provide everything you need. Release your workforce and support their
More informationBOR 6432 Cybersecurity and the Constitution. Course Bibliography and Required Readings:
BOR 6432 Cybersecurity and the Constitution Course Description This course examines the scope of cybercrime and its impact on today s system of criminal justice. Topics to be studied include: cybercrime
More informationOptus Future of Business 2013. Mobility Insights Paper Maximise the potential of your mobile workforce
Optus Future of Business 2013 Mobility Insights Paper Maximise the potential of your mobile workforce Contents CONTENTS 01 Methodology 01 Executive summary 02 4G mobility enables new ways of working 03
More informationProtect yourself online
Protect yourself online Advice from Nottinghamshire Police s Pre Crime Unit Get daily updates: www.nottinghamshire.police.uk www.twitter.com/nottspolice www.facebook.com/nottspolice www.youtube.com/nottinghampolice
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationHow to use your new card. Tomorrow s Queensland: strong, green, smart, healthy and fair
How to use your new card Tomorrow s Queensland: strong, green, smart, healthy and fair Safer, stronger cards for Queenslanders The Queensland Government has used the latest technology to make new Queensland
More informationMeeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)
Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Executive Summary...3 Background...4 Internet Growth in the Pharmaceutical Industries...4 The Need for Security...4
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationBusiness Plan 2012/13
Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationCALL ON 3-1-1 TO IMPROVE PUBLIC SERVICE SATISFACTION ENHANCE CITIZEN RELATIONSHIP MANAGEMENT WITH PREMIERONE CSR
CALL ON 3-1-1 TO IMPROVE PUBLIC SERVICE SATISFACTION ENHANCE CITIZEN RELATIONSHIP MANAGEMENT WITH PREMIERONE CSR 9-1-1. What s your emergency? OUR NEIGHBOR IS HAVING A FAMILY REUNION AND THE MUSIC IS SO
More informationReport to the Council of Australian Governments. A Review of the National Identity Security Strategy
Report to the Council of Australian Governments A Review of the National Identity Security Strategy 2012 Report to COAG - Review of the National Identity Security Strategy 2012 P a g e i Table of contents
More informationYour complete guide to Cloud Computing
Your complete guide to Cloud Computing 1 Doc V1.0 Dec 2013 Table of Contents Hosted Desk- 3 The Cloud and Cloud Computing... 4 The benefits of Cloud Solutions 6 The Cloud is Growing - Rapidly 7 Resolving
More informationCloud Computing Security Considerations
Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction
More informationAnalytics Strategy Information Architecture Data Management Analytics Value and Governance Realization
1/22 As a part of Qlik Consulting, works with Customers to assist in shaping strategic elements related to analytics to ensure adoption and success throughout their analytics journey. Qlik Advisory 2/22
More informationCisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility
Solution Overview Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility What You Will Learn Whether you want to simply allow tablets on your network or transform business processes
More informationComplete. security. begins with 3M
Complete security begins with : Global Helping to protect people, documents and goods Leadership in the Security Industry For more than 30 years, Security has been a trusted partner, helping governments
More informationBellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
More informationConnect Renfrewshire
How the council will use its information and technology assets to achieve successful change Contents Strategy Context 2 Digital Delivery and Citizen Engagement 4 Operational Excellence and Transformation
More informationBEST PRACTICES IN WEB CONFERENCING SECURITY. A Spire Research Report April 2003. By Pete Lindstrom, Research Director. Sponsored By: www.cisco.
BEST PRACTICES IN WEB CONFERENCING SECURITY A Spire Research Report April 2003 By Pete Lindstrom, Research Director Sponsored By: www.cisco.com BEST PRACTICES IN WEB CONFERENCING SECURITY A Spire Research
More informationEESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.
EESTEL White Paper October 29, 2014 Apple iphone 6, Apple Pay, What else? On 2014, September 9 th, Apple has launched three major products: iphone 6, Apple Watch and Apple Pay. On October 17 th, Apple
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationSTRONGER ONLINE SECURITY
STRONGER ONLINE SECURITY Enhanced online banking without compromise Manage your business banking efficiently and securely Internet banking has given business leaders and treasurers greater control of financial
More informationCoSign by ARX for PIV Cards
The Digital Signature Company CoSign by ARX for PIV Cards Seamless and affordable digital signature processes across FIPS 201-compliant systems Introduction to Personal Identity Verification (PIV) In response
More informationThe Scottish Wide Area Network Programme
The Scottish Wide Area Network Release: Issued Version: 1.0 Date: 16/03/2015 Author: Andy Williamson Manager Owner: Anne Moises SRO Client: Board Version: Issued 1.0 Page 1 of 8 16/04/2015 Document Location
More informationIknaia Asset and Personnel Tracking Management System for the Healthcare Industry
Iknaia Asset and Personnel Tracking Management System for the Healthcare Industry July 2014 Introduction Trying to find your way around a large hospital or locating a high-value medical device such as
More informationUse Bring-Your-Own-Device Programs Securely
Use Bring-Your-Own-Device Programs Securely By Dale Gonzalez December 2012 Bring-your-own-device (BYOD) programs, which allow employees to use their personal smartphones, tablets and laptops in and out
More informationMay 2010. For other information please contact:
access control biometrics user guide May 2010 For other information please contact: British Security Industry Association t: 0845 389 3889 f: 0845 389 0761 e: info@bsia.co.uk www.bsia.co.uk Form No. 181.
More informationDriving Company Security is Challenging. Centralized Management Makes it Simple.
Driving Company Security is Challenging. Centralized Management Makes it Simple. Overview - P3 Security Threats, Downtime and High Costs - P3 Threats to Company Security and Profitability - P4 A Revolutionary
More informationThought Leadership White Paper Deliver a Better Service Management User Experience
Thought Leadership White Paper Deliver a Better Service Management User Experience Modernize service management for a more productive workforce Table of Contents 1 EXECUTIVE SUMMARY 2 MILLENNIALS AND MOBILES
More informationFIDO Trust Requirements
FIDO Trust Requirements Ijlal Loutfi, Audun Jøsang University of Oslo Mathematics and Natural Sciences Faculty NordSec 2015,Stockholm, Sweden October, 20 th 2015 Working assumption: End Users Platforms
More informationJOB DESCRIPTION. To provide a high level of customer care to all business users who raise faults or service requests via the Service Desk.
Job Title: Service Desk Analyst JOB DESCRIPTION Job Holder: Date: Overview of role To provide a high level of customer care to all business users who raise faults or service requests via the Service Desk.
More informationPhysical Security. Overview
Physical Security Currently in this Country defence and security including private sector have responded to rising concerns about theft, fraud, and terrorism by sharpening their focus on physical security
More information1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk
Proposed PhD Research Areas I am looking for strong PhD candidates to work on the projects listed below. The ideal candidate would have a mix of theoretical and practical skills, achieved a distinction
More information