HPE Aruba Networking Blogs

How to achieve federated identity in the public sector

By Pat Devlin, Director, Aruba South Pacific (ANZ) at Aruba

It’s exciting to see digital technologies transform businesses – capturing competitive insights concealed in big data, using AI to improve services, and the mainstream adoption of cloud technologies. There’s no shortage of evidence that harnessing emerging technologies can drive competitive advantage.

What’s also shaking up the enterprise is cross-functional collaboration. It’s about breaking down silos and seamlessly connecting systems, data and processes to crack the code on greater collaboration and productivity. By blending typically siloed wired and wireless networks, organisations are able to apply uniform security enforcement policies and access controls to users, devices and applications, regardless of where they connect. And it is this trend – when expanded to traverse multiple agencies, facilities and service components – that is offering enormous leapfrogging opportunities for the Australian public sector.

We’re talking about managing identity across organisations and how it has been made possible by the development of digital authentication technologies. It’s referred to as ‘federated identity’, but before we dive into that a bit more, let’s start with why it’s so needed.

A tale of two much-needed IT trends

The public sector faces a number of obstacles when it comes to modernising IT infrastructure: budgetary restrictions, duplicated IT operations across departments, agencies and facilities, and siloed legacy applications. This leads to inefficiency and leaves many government agencies focused on simple digitisation of existing processes, products or services rather than reimagining structures, governance, work processes and mindsets in system transformation.

With that said, exciting changes are happening across the public sector. We’re starting to see agencies share information and data across functions and departments in a bid to reduce costs, create efficiencies and become more citizen centric. Gartner calls this ‘Shared Services 2.0’[1], arguing that this trend “shifts the focus from cost savings to delivering high-value business capabilities such as enterprise-wide security, identity management, platforms or business analytics”.

Long valued by private enterprise, there’s also a push for the public sector to capture the value of subscription-based IT services delivered in the cloud – AKA Anything as a Service. By switching to a more service-oriented architecture and distributed ecosystems, the public sector can begin to unwind the legacy systems holding them back. Improved service delivery, advanced risk and security methods, persistent policy management and more control over regulation and compliance concerns are just a handful of the outcomes that come from the As a Service model.

This, of course, isn’t pie in the sky. We are seeing real progress being made by the public sector in both of these areas – all around the globe. But we want to talk about what is happening right here at our front door: NSW, to be specific.

The state of play in New South Wales

The NSW Premier’s recently released priorities[2] set some ambitious targets to tackle some of the most challenging emerging social issues of our generation, including:

  • Lifting education standards
  • Keeping children safe
  • Breaking the cycle of disadvantage
  • Improving the health system
  • Creating well-connected communities with quality local environments

Within this broad list lie a number of opportunities to put technology to use, particularly when it comes to streamlining the health and education sectors. It is here that technology and the trends discussed above are poised to play a leading role in achieving a good chunk of the Premier’s ambitions, particularly when paired with the June announcement of the Digital Restart Fund (DRF) to the tune of $1.6bn. This initiative is designed to support “iterative, multi-disciplinary approaches to digital/ICT planning, development and service provision and will complement existing investment approaches in digital/ICT”[3].

More importantly, the above presents an opportunity for the NSW public sector to join up the disparate functions, departments and facilities behind the scenes, work towards more unified public services and embrace the cloud platforms driving big changes in the private sector.

ClearPass and federated identity

One of these opportunities lies with ClearPass, Aruba’s flagship network access control solution. To recap, ClearPass enables federating identity systems, agentless visibility and dynamic role-based access control for seamless security enforcement and response across all wired and wireless networks.

For the private sector, ClearPass ensures secure authenticated network access across an organisation, but for the public sector ClearPass’s capabilities present a far greater opportunity – to enable holistic network security and control across jurisdictional boundaries. This is because when organisations use the ClearPass platform, it delivers authentication across multiple agency identity stores.

Put simply:

  1. ClearPass allows users to use the same credentials to gain access to more than one participating network in different organisations
  2. IT administrators don’t need to change the underlying identity management system/s in their department.

So, what pressing challenges does this solve?

  • Siloed infrastructure – brings agencies closer together by allowing them to leverage infrastructure at any state government site.
  • The challenge of IoT – helps to manage and secure the influx of IoT devices across state networks.
  • Secure access for all – segmentation allows you to separate users depending on their required level of access, for example, access to different resources by students, staff and management, ensuring more secure, streamlined and citizen-centric services.
  • Balancing experience and security – ClearPass can provide a consistent, secure interface and end user experience across multi-vendor networks.
  • The complexity of device and user onboarding – easy self-service workflows with a one-time onboarding that provides ongoing access to multiple locations, all without exposing inner networks.
  • Disparate authentication platforms – ClearPass is multivendor and features certified interoperability between other vendors, including Cisco, ensuring a seamless installation no matter what other platforms are currently in use.

The final and most valuable benefit is perhaps that with ClearPass, there’s no need to re-engineer underlying systems to achieve these outcomes. The platform doesn’t have to replace existing authentication or identity services – such as Active Directory – either. Rather, information from existing authentication frameworks can be connected into ClearPass allowing IT to remain in control of their authentication and identity services.

It is important to note that individual identities are not exposed to, or physically shared with, other organisations or networks with ClearPass. After authenticating a user with their “home” network, ClearPass effectively vouches for that user across other networks whilst keeping their personal details secure.

What does federated identity mean practically?

Here are just some of the applications and ideas that have been explored already for federating identity with ClearPass.

  • Universities and councils working together - A NSW university is exploring federating identity with local councils to enable students outside of the campus network to securely access the university network (using their university credentials) via the council network.
  • Acting quickly during natural disasters - When the bushfires ravaged parts of the state, NSW Health acted to extend their network to the NSW Rural Fire Service, supporting the RFS to react quickly to citizens in need.
  • World-class secure council Wi-Fi - Federated network admission control is a step up from ‘free’ Wi-Fi or 4G, both of which have considerable security flaws. In this revised model, ClearPass delivers reliable, stable connectivity, and WPA3 for secure and individualised encryption across public areas. For local councils, as an example, ClearPass can provide secure, widespread outdoor Wi-Fi. This is particularly useful for outdoor areas near state schools where the campus extends to also cover facilities such as public sports grounds.

It is these types of capabilities that paint a future picture of the network as a marketplace - a state-owned asset that multiple agencies can benefit from. This means not only holistic service delivery, but also bringing together data that can be analysed to shape policies, infrastructure and frameworks to further benefit citizens. It’s an exciting vision of co-operation and collaboration that is ready for development right now.

To discuss intra-agency use cases, or better understand Aruba’s ClearPass solution, please get in touch.