ABS COUNTS
ON SECURITY
GOVERNMENT TECHNOLOGY REVIEW
NASA’S
OPEN-SOURCE
MISSION CYBER-A PARLIAMTETNACKS ON T HOUSE
SAVING FEBRUARY/MARCH 2012 • ISSUE 11
VIC’s ICT PROCUREMENT
KUNDRA: HOW TO MOTIVATE CIOs
DOING CLOUD RIGHT MEETING-ROOM TECHNOLOGY ■
Increase office productivity and shrink your environmental footprint with an eCopy solution
Using eCopy, government organisations can integrate all of their paper documents into their electronic workflow for easy filing and distribution in the time it takes to push the copy button.
Security – Increase security with encryption, secure storage, user authentication and redaction. Disaster Recovery - Ensure all documents are digitized and archived off-site in the event of a disaster. Compliance – Store and link documents and transaction records. Maintain archive integrity and prevent unauthorized access. Lean and Green - Reduce your environmental footprint by cutting paper usage.
Visit getecopy.com.au for more information Visit the “Contact Us” page and complete your details to discuss your business requirements with one of our team.
COVER STORY: POLITICAL TARGET
Security is crucial in any ICT context — but when your stakeholders include Australia’s entire body of Senators and MPs, the term “mission critical” takes on a whole new meaning. That’s why, when a hacker group brought down the Parliament House Web site, it was so important to get security right that one project slid back a year to ensure it was done right.
INTRODUCTION 2 Editor’s letter 3 News 36 Opinion: Dr Steve Hodgkinson; Don Easter; Greg McCormick
FEATURES 12 The new security posture The rise of virtualisation, cloud computing and mobility are putting new pressures on government organisations to revisit their security — particularly as increasingly resourceful cybercriminals put governments in their sights. Will you be ready when they come for you? 29 Rich-Phillips charts Victorian ICT roadmap Victorian Minister for Technology Gordon Rich-Phillips faces a host of challenges as he seeks to assert the Baillieu government’s control over runaway project costs. Here’s his assessment so far.
SPECIAL FEATURES
16
6
30 Can AGIMO guide government into the cloud? AGIMO’s new series of guides for government cloud services spell out a broad range of threats and opportunities posed by the cloud. But just what’s in them? 42 Blue skies ahead for cloud The recent Cloud Computing Forum 2012 brought together over 100 industry and government representatives for a checkup on the state of cloud computing. Here is some of the best advice shared at the event.
CASE STUDIES
32
MEET ME HALFWAY
TRANSPARENCY BITES
Given the continuing growth in teleworking, it’s more important than ever to be able to run meetings efficiently and effectively. We weigh up the collaboration imperative, highlight some new tools for making your meetings easier, and offer some tips for running meetings as effectively as possible.
Vivek Kundra served 29 months as US government CIO, and in that time managed to assert a new doctrine of information sharing and project transparency. That sounded great on paper, but it enraged CIOs who rallied against the changes — until one picture brought them into line.
24 NASA aims for the cloud It may be known for sending astronauts to the clouds and beyond, but NASA is tapping into its massive base of creative, skilled developers to build a scalable cloud-computing platform that’s facilitating large-scale service provision across US government agencies. 26 ABS tries not to become a virtualisation statistic Server virtualisation will change your infrastructure for the better — but it is not without its issues. For the Australian Bureau of Statistics, a heavy investment in virtualisation mandated a new security infrastructure. Here’s what it implemented.
GTR FEBRUARY/MARCH 2012 | 1
EDITOR David Braue E: editor@govtechreview.com.au NATIONAL SALES MANAGER Peter Ratcliff E: peter.ratcliff@govtechreview.com.au Tel: 02 8923 8016 NATIONAL SALES & MARKETING MANAGER — CONFERENCE & EVENTS
If you’re working in government, odds are that you have a large and complex infrastructure that’s just crying for improvement. Odds are, also, that you’ve been targeted by cloud-computing vendors who see your infrastructure as a natural test bed for their newfangled solutions. Somewhere in between those two extremes is your ICT strategy. Yet even when you plan carefully, the world can surprise you; witness the Department of Parliamentary Services, for whom remediation efforts after a hacker attack contributed to a Web site revamp being delayed by 12 months and blowing out its budget to $3.1 million. Project-management catastrophe or carefully-considered, securitydriven due diligence? You decide after reading our cover story; ditto, our writeup of the Australian Bureau of Statistics’ proactive approach to virtualisation security. The risks discussed in these pieces might even drive you to call a meeting to discuss your conclusions with your peers; why not read through our meeting-room technologies feature to get some pointers as we run down the latest in remote-meeting trends and technologies, and offer some tips on effective meetings. We also offer the advice of Vivek Kundra, until recently the US government CIO, who tells us how he overcame resistance to his agenda of change. And we talk with a bona-fide rocket scientist who’s leading NASA’s efforts to build an open cloud solution. We also offer a rundown of the action at CommStrat’s recent Cloud Computing Forum 2012, which drew over 100 attendees in Canberra to hear a range of perspectives on the technology’s progress and its future. You would have noticed the new face at the top of this page; I am pleased to introduce myself as the new editor of GTR, having taken over from founding editor Simon Sharwood. I’d like to publicly acknowledge the excellent work Simon, a respected colleague for over 15 years, has done in shaping the GTR vision and building it into the publication you now hold in your hands. I look forward to working with the rest of the great CommStrat team to shape the future of GTR, which above all else is a magazine for you. Please don’t hesitate to let me know if there’s something you’d like to see in the magazine, or something you wish you hadn’t; something you know or are doing that’s newsworthy; or suggestions for making it and the evolving companion Web site an even more valuable resource.
Chris Rodrigues E: chris.rodrigues@govtechreview.com.au Tel: 02 8923 8002 PRODUCTION MANAGER Russell Montgomery E: russell.montgomery@commstrat.com.au Tel: 02 8923 8025 DESIGN & PRODUCTION Annette Epifanidis, Tim Hartridge, Monica Lawrie, Odette Boulton NEW ZEALAND REPRESENTATIVE Debbie Bishop General Manager, Hawkhurst Media Services Limited E: debbie@hawkhurst.co.nz Tel: +64 9 589 1054 DDI: +64 9 571 9494 Mobile: +64 021 340 360 CONTRIBUTORS Andrea O’Driscoll, Rex Pannell SYDNEY OFFICE Level 12, 99 Walker St. North Sydney NSW 2060 Phone: 02 8923 8000 Fax: 02 8923 8050 MELBOURNE OFFICE Level 8, 574 St Kilda Rd. Melbourne Vic 3004 PO Box 6137, St Kilda Rd Central 8008 Phone: 03 8534 5000 Fax: 03 9530 8911 Government Technology Review is published by CommStrat ABN 31 008 434 802
www.commstrat.com.au All material in Government Technology Review is copyright. Reproduction in whole or in part is not allowed without written permission from the Publisher.
David Braue, Editor E: editor@govtechreview.com.au
2 | GTR FEBRUARY/MARCH 2012
To arrange delivery of Government Technology Review email: subs@govtechreview.com.au
NASA launches global apps competition
Aiming to tap into the global innovation around smartphone and software development, NASA has launched its Space Apps Challenge — a global initiative that will encourage developers around the world to build innovative applications using publiclyavailable NASA data. The effort, which will run on April 21 and 22, is an initiative of the US Open Government National Action Plan, and is targeted at scientists and citizens who will compete to design innovative solutions to a series of specific challenges to be set by NASA. Australia will play a significant role in the effort, with Melbourne pegged as one
of eight terrestrial locations to host events around the project (the International Space Station is the ninth). Challenges will be broadly aligned around initiatives including software, hardware, data visualisation, and citizen science. Indicative projects already posted include a challenge to make data from NASA’s Kepler planet-hunting mission; a plug-in to enable sensor interfaces with smartphones; an app to accurately measure the size of the earth; or a public interface to NASA’s Planetary Data System data sets. For more information, see www.spaceappschallenge.org.
Lockheed Martin test lab to boost cloud testing Aiming to improve the suitability of tendered cloud and other software solutions for its needs, defence and government giant Lockheed Martin is opening a software testing laboratory in Canberra that will let potential vendors demonstrate their solutions against Lockheed Martin’s requirements. The NexGen Cyber Innovation & Technology Centre, also known as NCITE, will give Lockheed Martin more involvement in the types of solutions its partners pitch, potentially also helping smaller businesses offer more relevant solutions for its needs. The company is lead contractor for a number of major defence contracts including the MH-60R helicopter contract, F-35 Lightning II, Air Warfare Destroyer and other solutions. Motivation for the lab came from a desire to work more closely with the many suppliers it involves in these projects; in particular, the lab will become a major test facility for compliance with emerging cloud-computing guidelines being developed by the Open Data Center Alliance (ODCA, www.opendatacenteralliance.org), in which Lockheed Martin is a lead participant. The more than 300 ODCA members are working through a range of usage modelbased cloud technology descriptions including a four-tier security model that will ease the comparison of cloud offerings from different vendors.
Victorian gov’t puts $11m into ICT collaboration Victoria’s Coalition government has launched an $11m fund, the Digital Futures Fund, that will encourage collaboration between SMEs by offering grants of up to $500,000 when two or more Victorian SMEs work together on a solution to an identified common problem or challenge. “We are looking for projects that will deliver cutting-edge advances and transform cuttingedge business models, and how they can be
shared broadly across the economy,” state shadow treasurer and Minister for Technology Gordon Rich-Phillips said in an AIIA address. “The Victorian government is committed to working with the ICT sector to ensure we can grow and develop the sector in its own right, and to ensure that we can have the sector’s potential in terms of driving productivity.” The government will commit up to $5m in the first round of applications.
Projects targeting areas like data mining and analytics, cloud computing, and cyber security will be particularly well-received by the assessment panel, which is acting as part of the Baillieu government’s previously floated Technology Plan for the Future — Information and Communication Technology strategy. EoIs are due by Thursday, 12 April; for more information, visit www.mmv.vic.gov.au/dff.
GTR FEBRUARY/MARCH 2012 | 3
NSW Compensation Authorities on the hunt for CIO The NSW government’s Compensation Authorities Staff Division (CASD) — which provides ICT support for WorkCover NSW, the Motor Accidents Authority, Life Time Care and Support Authority and two other state agencies — is on the hunt for a CIO after the departure of previous CIO Geoff Fuggle last year. The role involves the delivery of every aspect of ICT service delivery within the
authority, including an understanding of the strategic plans of CASD and its individual agencies. It involves the management of a budget of $19.9m, staff budget of $11m, $6m of capital projects and a team of around 80 staff. Stated strategic goals include the maximisation of returns from infrastructure investments; setting the strategic direction
of information systems development in each agency “ensuring consistency with business goals”; capacity and business continuity planning; communication with the CASD board; and ensuring the security of databases, systems and remote communication links. More information is available at www.bit.ly/w0EhZb.
AusCERT warns e-health records can be hacked Australia’s emerging personally controlled e-health record (PCEHR) system will be a target for hackers keen to harvest its sensitive personal information, computer emergency response team AusCERT has told a Senate inquiry. No matter the protections put around the PCEHR records themselves, an AusCERT submission said the design of the system to
4 | GTR FEBRUARY/MARCH 2012
allow secure Internet access was misleading because consumers accessing their information online would leave their personal data open to compromise. Risks could arise “if individuals do not understand the risks to their e-health record online when using a computer which is not properly secured,” the organisation’s submission noted, warning that the
government “is promoting the benefits of PCEHR over the Internet on the basis that it will be secure….These statements cannot be assured and are misleading.” A stronger focus on endpoint security would be necessary to meet the government’s assurances of data security, the organisation warned, noting that efforts to date have mainly focused on back-end security.
Govt endorses new ICT key in Victoria’s super-trade cyber-security mission to China ethical code The establishment of an Australian branch of the Council of Registered Ethical Security Testers (CREST, at www.crest-approved.org) will boost ethical standards across the security industry and give purchasers clear assurances when purchasing security products and services, the government has said while announcing the move in early March. “Businesses want to make sure their online systems are as prepared as they can be for a cyber attack,” Attorney-General Nicola Roxon said in announcing the new initiative, which will see the founding of a new body, CREST Australia. “CREST Australia will have the important role of establishing clear and agreed standards for cyber-security testing. Government agencies, such as CERT Australia, will work cooperatively with the board of CREST Australia.” That board will initially be headed by Alastair MacGibbon, director of the University of Canberra’s Centre for Internet Safety, who will serve as founding CEO of CREST Australia. CREST offers a range of exam-based consultant certifications including Registered Tester and Certified Tester, while certification as a CREST Member Company attests to a company’s robust methodologies, data-protection efforts and reliable business.
Following on from the success of its recent super-trade mission to India — which saw over 280 delegates from over 220 companies travel to promote Victorian ICT and other services in India — the state government is gearing up for a sequel that will see up to 250 companies represented in a similar event in China. The Victorian Department of Business and Innovation is taking a lead role in the effort, which will run from May 14 to 19 and involve senior Victorian government and industry representatives. All will
work to identify and enhance commercial opportunities for Victorian companies in the world’s biggest market, with a strong focus on technology industries. The India trade mission included significant wins such as the February signing of a MoU for local company GRG International to provide 5000 ATMs, 25,000 EFTPOS machines and 4 million cards to manage welfare payment distribution in several Indian regions, in an effort expected to create 50 jobs and be worth $500m to Victoria’s economy over the next decade.
ACT government throws NICTA a $12m research line National ICT Australia (NICTA) has scored $12m in ACT government funding, to be delivered over four years, in a move designed to ensure the organisation’s long-term viability. The government has invested $26.35m in the organisation since its founding in 2002, and the new funding will bolster the ICT research organisation’s capabilities for the near future.
“NICTA is producing excellent research results with direct application to the development of robust, innovative systems for emerging markets such as smart transport, e-Health and e-Government,” CEO Hugh Durrant-Whyte said in a statement. “With the additional funding, NICTA will be able to strengthen its research outcomes in these and other areas to accelerate the development of
high-impact, wealth-creating topics.” Current research projects include the development of an e-Health Living Lab, which will highlight ongoing e-health initiatives backed by research and clinical expertise from across the country’s universities and hospital system. NICTA will work in this and other areas to develop new technologies and training systems for industry professionals.
GTR FEBRUARY/MARCH 2012 | 5
Security
IT’S THE MOST VISIBLE EDIFICE OF GOVERNMENT AND A LINCHPIN OF OUR DEMOCRACY. NO WONDER THE PARLIAMENT HOUSE FINDS ITSELF A CONSTANT TARGET OF ATTACKS, BOTH ONLINE AND OFF. Story by DAVID BRAUE
6 | GTR FEBRUARY/MARCH 2012
T
he underground carpark of Canberra’s Parliament House, which lies directly underneath the iconic water feature that’s ubiquitous on TV news broadcasts, is in disarray. Pedestrian barriers, construction residue, scaffolding and dust are everywhere as Stephen Campbell, half apologetically, escorts me past the metres-thick concrete and steel barriers that are being erected in the carpark as a security measure. It’s ironic because this same building was, not too long ago, subject to violating and aggressive attacks against which no amount of concrete or steel could have protected it. In February 2010, notorious hacking group Anonymous — which has made a name for itself compromising the Web sites of everybody from the Department of Broadband, Communications and Digital Economy (DBCDE) and the CIA to the US Federal Trade Commission, Church of Scientology and Greek Ministry of Justice — launched a distributed denial-of-service (DDoS) attack on the Parliament House Web site in a protest against Senator Stephen Conroy’s proposed mandatory Internet content filter. For a group trying to choose the highest-profile target possible, there couldn’t have been a more tantalising target than the Parliament House Web site (www.aph.gov.au), which was still running software that had been in place for nearly a decade and riddled with potential soft spots. Part of a year-long campaign of filter protests that also included the February 2010 ‘Operation Titstorm’ scorched-earth DDoS assault on government Web sites, the attack took the site offline for 50 minutes — boosting Anonymous’ global profile and creating further urgency for a massive overhaul of the site.
Web site refresh Even as the Parliament House Web site was brought back online, however, staff within the Department of Parliamentary Services (DPS), in which Campbell serves as director of the Project Management Office, had to front perhaps the country’s most demanding user base to explain how the attack had been possible.
The answer was, in the main, far from complex: the existing site was old, non databasedriven, and built on static HTML pages with inconsistent style sheets; so it was old and had a number of known vulnerabilities, so it was more a matter of if rather than when. Unfortunately for DPS staff, the Anonymous attack came just a month after the team, along with prime contractor Fujitsu, had begun working to code a complete replacement for the site based on the Sitecore CMS. Replacing the site, which was launched in March 2002 based on static HTML pages and lacked even basic modern features such as support for style sheets and banners. The site had been earmarked for replacement some time earlier, having reached its end of life and proved unable to support growing demands from internal and external users that wanted features like on-demand streaming, live updates on legislation schedules and progress, better information about Parliamentarians, and so on. Also important was the need to support a transition to mobile devices like tablets and smartphones, as well as the government-wide requirement that its site support features like WCAG 2.0 accessibility standards. “You wouldn’t have wanted to do all that on our old Web site,” Campbell offers. “It was too far gone.” “Now, we’ve taken that next step and made sure it’s mobile and provides all the services people want. It’s all about giving our clients and the public a more interactive experience with Parliament; our ultimate goal is to provide a Web accessible tool for timely access to information about Parliament and its activities to support the Parliament, and the work of Senators and Members.” Despite some claims to the contrary by outside parties who argued that the site was relatively simplistic, the project ultimately ended up costing $3.1 million and running twelve months over schedule before it was launched this February. The delays stemmed not from any inherent inability to deliver — but, rather, the need to not only deliver a complex and extensively
integrated site experience to the satisfaction of all stakeholders, and with an iterative security approach designed to prevent a repeat of the Anonymous attack. Testing may have pushed the launch date back, but political sensitivities around its security offered little alternative. “We’re very conscious about our front page,” says Campbell. “It’s a shared page, owned by the three Parliamentary departments to provide the right information for all. It’s not a political tool — we represent the Parliament and not the view of the government or Opposition — and we need to be careful about what information is put up there.”
Engaging stakeholders When your key stakeholders are the Senate and House of Representatives, prosaic notions of ‘mission critical’ deployments go to a whole new level: both groups of Parliamentarians are used to scrutinising public projects closely, and all had their own opinions about how the site should be redeveloped. Recognising this, Campbell says, the project was always run from its earliest days with extensive consultation from DPS, Senate and House stakeholders. Workshops were run to gather requirements by targeting each functional area across all three departments prior to going to market for a solution. During the design phase, the project team — which included a range of roles from project manager and project officers to infrastructure staff, Web administrators, database administrators and others — brought design mockups to staff throughout Parliament House offices, coffee shops, and other places where people gathered. Feedback was solicited directly from Senators and Members as well as their staff, with regular forums run to ensure everybody involved had the chance to offer their feedback on the emerging design. Usability testing was run based on personas ranging from a student to a home-owner, to a legal professional, to a member of a Senator’s or MP’s staff. Representatives of each persona were selected from rural areas
“AS WITH ANY RISK, WE PUT IN PLACE AS MANY MEASURES AS WE CAN TO MINIMISE THE CHANCES OF THOSE BREACHES HAPPENING — BUT THERE ARE SOME PRETTY SMART GROUPS OUT THERE.” GTR FEBRUARY/MARCH 2012 | 7
Security
“We’re very conscious about our front page….It’s not a political tool, and we need to be careful about what information is put up there.”
as well, to undertake testing. Eye tracking capability was exercised to determine how to best present information on a Web page for maximum effectiveness. The process also expanded to include guidance from the Parliamentary Library, which offered extensive guidance on information structures and archival requirements, and the publishing unit responsible for services like the production of Hansard records and the ParlInfo database. As with any content management environment, tight controls over publishing rights were essential — and had to be tied in with core identity management systems capable of enforcing tightly granular control policies. “We all share the systems and various components and content of the system,” Campbell explains. “It’s not one owner who gets control of everything, and everyone has their own opinions on how it should look or how things should be presented. Trying to come together, and to agree on a consistent view on how we do our business, was one of the challenges of the project. The key thing was the core functionality: our end goal is to ensure the proper functioning of Parliament.” Despite a concerted plan to get the site completed quickly, getting a consensus with so many stakeholders wasn’t easy. But that turned
8 | GTR FEBRUARY/MARCH 2012
out to be the least of DPS’ problems: by late 2010, issues with functionality and data migration — as well as a limited number of potential windows of opportunity coinciding with the off-peak times when Parliament isn’t in session — had already pushed back the delivery timeframe. By the time Anonymous struck again at the end of that year, it became clear that there was a lot more still to be done before the redeveloped site could go live. “The migration progress is very difficult,” Campbell explains. “When people need to continuously maintain and update the content, it’s difficult to get that content ready for us to move it over; we have to run systems in parallel, and be able to verify and validate that everything’s working.”
Border protection Ensuring the new site’s security was up to par took even longer: extensive security testing was undertaken with the assistance of DPS’ internal security team, third parties and the Defence Signals Directorate (DSD), whose security mandate includes the provision of security advice for protecting the Web site and other operational systems of DPS and other government departments through its own Cyber Security Operations Centre (CSOC).
“Even before Anonymous hit, we knew we are always up for substantial attacks because of the the policies and business of Parliament being discussed,” Campbell says, noting that DPS security team deals with an almost steady stream of minor — and unsuccessful — attempts to breach the site’s security. “We’re under no illusion that the attacks are anything but real, and they range from a number of sources ranging from issues-motivated groups and amateur hackers to criminal organisations. Our penetration and vulnerability testing revealed a number of issues we were not satisfied with, so we implemented processes to resolve those ASAP.” The process of security remediation was conducted in an iterative fashion, with testing revealing vulnerabilities that were subsequently fixed and re-tested. At each stage, vulnerabilities were measured and risks evaluated against the issues identified — and the process was repeated over a course of months until evaluations of potential risk had dropped to acceptable levels. Although he’s reluctant to go into details about the specific protections introduced around the site, Campbell says that prevention against the full spectrum of attacks — including DDoS attacks, unauthorised information access and manipulation of Web page content — is all on the department’s agenda.
Security solutions without compromise If you’re responsible for protecting people and property in government or large commercial environments, there is simply no room for compromise. Fortunately ADT Security has got you covered. With vast experience in the government sector, ADT Security provides electronic security to millions of commercial, government and residential customers across your street and around the world. Our tailored solutions range from intrusion alarms, smoke detection and life safety through to Closed Circuit Television (CCTV), access control, Radio Frequency Identification (RFID) and wireless networks. When it comes to security, we know that one size does not fit all. Combining intelligent technology with vigilant expert security teams we can design, install, monitor and maintain integrated systems to match your needs.
To find out more, call 131 238 or visit www.adtsecurity.com.au/commercial
Master Licences: VIC No. 65201491P | WA No. SA40562 | SA No. ISL152299 | NSW No. 405187443 | ACT No. 17501009 | QLD No. 3258669
Security
Remediation efforts implemented across the department’s systems include a range of firewalls and protection systems to raise alerts when set performance thresholds are exceeded; DPS and CSOC staff also worked together to proactively analyse potential threats and minimise the potential impact should such threats become real attacks. “We’re all looking out for each other to make sure we’re following best practice and doing the right thing,” says Campbell. “Our focus is on security and that was the cause of some delays. We’ve got to protect the Parliament.” This focus on security contributed to pushing out the delivery of the site, since each stage in the cycle of feedback around the site’s design required security to be re-evaluated. Even after the site went live on a test basis in the middle of 2011, it continued to go through numerous iterations as the security team continued hunting down and stamping out potential issues. “Because it was a long design process, the security testing took a lot longer than we expected,” Campbell explains. “We were never going to push out a poor quality subsystem; we wanted a quality system and we wanted a secure system. As with any security I’m not sure you can eliminate the risks, but we are undertaking as many measures as we can to ensure that it’s protected.”
Bringing it all together Given the growing demands on the Web site, an upgrade of the software wasn’t the only change on the cards: the DPS team had to plan and execute an upgrade of the site’s back end, ensuring — as with its other key operational systems — that it had adequate network and server capacity to meet heavy periods of demand. “We’re coming off 12 year-old technology, so we need to make sure we have the right bandwidth, equipment and redundancy to be able to maintain that,” says Campbell. “There’s more content and more information out there, and more of it is in real-time than ever.” Thanks to its uncompromising approach to security and the constant involvement of its many stakeholders, the many facets of the Web site rollout pushed through to the end of 2011 and the site was finally brought live during Parliament’s February 2012 break period. Completion of such a major project brought many sighs of relief relief across all three Parliamentary departments, and Campbell says the iterative and consultative approach taken by the department was crucial to making this happen. “It’s critical that the business areas are engaged from the word ‘go’,” he explains.
10 | GTR FEBRUARY/MARCH 2012
“You don’t want to be on the front page of the papers; you just want to do things right.”
“They need to understand exactly where things are headed, and communication with them is essential because changes to the way they do business can be difficult for a lot of users. From a security perspective, it was key to put as much attention in before hand to ensure the right outcome.” So far, the site’s design is holding up well, with Campbell reporting strong positive feedback from the public and from interested government agencies. agencies. Parliament became a focus for national attention during February’s government leadership contest, and the subsequent resumption of Parliament has put the site into full swing. Ideas for new tweaks and small patches for the site are emerging all the time, and DPS maintains its working relationship with CSOC to regularly review the current security profile of its Web site and all of its other systems. “We’re
trying to be on the front foot so that when we identify anomalies, we can get on top of them,” Campbell says. Anonymous has subsequently become a high-profile target itself, with 25 alleged members recently arrested in Interpol raids across Europe. But that’s small comfort for the DPS team, which knows there are myriad other barbarians at the gate just waiting to discover or exploit a weakness in the system. Campbell however, is quietly confident the DPS team has done everything it can to keep them from breaching the site’s walls again: “As with any risk, we put in place as many measures as we can to minimise the chances of those breaches happening — but there are some pretty smart groups out there. You don’t want to be on the front page of the papers; you just want to do things right. And if you can transition a system without it being noticed, that’s the best thing.”
Australia’s most progressive local and state governments and federal agencies have been powering their decisions with ArcGIS solutions for over 34 years. An Esri Australia ArcGIS solution... • Predicted the likely impact of the 2011 floods for Brisbane City Council – before the event fully unfolded. • Streamlined the City of Bayswater’s key internal processes, reducing land reporting requests from 12 days to 5 minutes. • Ensured Queensland Fire and Rescue deployed personnel and resources with unprecedented precision – increasing lives and property saved. • Enabled SA Department for Families and Communities to streamline asset auditing of remote aboriginal communities using the latest mobile technology.
Find out how an ArcGIS solution can fortify your decisions – call Esri Australia today on 1800 447 111.
1800 447 111
connect@esriaustralia.com.au
esriaustralia.com.au
twitter.com/esriaustralia
facebook.com/esriaustralia
esriaustralia.com.au/blog
Esri Australia ABN 16 008 852 775