CASE STUDY: DSS
The Scale of The DSS IT Estate
The UK's Department of Social Security (DSS) delivers services in over 2,000 locations in Great Britain and Northern Ireland. The Department has over 93,000 staff focused mainly on Benefit Provision, Contributions Collection and Child Support matters. It is, therefore, highly dependent on information systems and information technology for the effective delivery of its business.
The current computer network is extremely complex and is the largest civil computer operation in Europe. The development of the DSS's IS/IT strategy is being led by the Information Technology Services Agency (ITSA), which is an executive agency of the DSS. Working closely with the DSS headquarters and the various agencies, ITSA provides the IT systems and services required to support day-to-day social security delivery. During the 1996/1997 financial year, ITSA was responsible for the allocation of the DSS's £326 million IT budget.
The Need For Change
In common with many public and private sector organizations, the DSS is using product-centered (in this case benefit-centered) rather than customer-centered information systems. Based on its existing organization, the DSS not only has separate systems to meet the needs of each Agency, but in the case of the Benefits Agency there are separate systems for each benefit.
This systems legacy has led to a wide range of inefficiencies within the business operations, including duplication of effort, avoidable complexity, poor accuracy, inflexibility and openness to fraud. The bottom line is that this all results in an increase in cost and a decrease in quality of service. However, the problems which the system generates present significant complications to the Department in implementing alternative, more efficient operational structures.
The DSS's IS/IT Strategy, therefore, is to remove these complications and allow the Department to organize and adopt processes optimized for efficiency and cost-effectiveness.
The Security Question
It is a simple fact that the issue of network security is inhibiting many organizations' ability to take full advantage of the potential of doing business across the Internet.
Nowhere is the question of guaranteed security more critical than when the organization concerned is a government body responsible for highly confidential citizen information.
Integrity and Security are key values within the DSS. The need to maintain and improve levels of security must be paramount when change is being implemented and managed. The Department aims to move further from a program of fraud detection to one of fraud prevention.
The DSS has moved towards increased group working and expanded networking, which has led to a complex, multi-tier architecture. In this environment each system has its own security mechanism, which means that the administrators and users see many different views of the systems and have to remember multiple passwords. To make matters worse, the current security functionality is intricate and sensitive to change, so security breaches are more often due to error than to malicious intent.
The first step on the road to better securing the DSS was to agree a set of requirements, which would feature in the Department's Community Security Policy. These included:
- Adherence to Government and European Legislation
- Single sign-on from anywhere in the enterprise
- Simplified administration and operation of security features
- Secure networking
- Perimeter security
- Unique user ID for both staff and customers accessing the Department's IT services
- Control of access privilege by user ID
- Minimal impact on performance
- Greater standardization
- Secure audit trails and logs, integrated from multiple services
- Secure system interoperability
- Virus detection
- Error avoidance and secure recovery as a feature
- Improved file, program and record locking.
The Role for the IT DialTone Initiative
In reality, no single product is available on the market to satisfy all the requirements listed by the DSS. The Department will need to select and integrate products, both with each other and with the DSS legacy security products. Any new products must, therefore, meet standards and provide a high degree of interoperability.
In addition, the DSS must make provision for the advent of Government.Direct. This is an initiative whereby the UK citizen will be offered direct access to the Department's services via the Internet. This has meant that the DSS has had to consider opening up its virtual private network via gateways to public networks which are inherently insecure. ITSA is attempting to implement a common approach to LAN and WAN security, in part by using firewall capabilities, in order to support connection to service provider partners, the Government Secure Intranet and, in time, the Internet.
In keeping with its philosophy of buying services rather than making them, the DSS would prefer to use a secure, reliable public infrastructure to host its citizen-focused services rather than invest in government bespoke infrastructure. For example, the DSS will not be producing or managing its own smartcards or investing in government-specific public key infrastructure. Neither will it be defining its own security or management interface mechanisms.
The Open Group's IT DialTone initiative aims to deliver an IT infrastructure which would be capable of supporting interoperability between citizens and government using a range of devices over both the public and private networks in a reliable, secure and managed manner. This would then mean that the DSS would look to utilize this infrastructure for its citizen-focused services, in line with its objective to buy rather than create IS/IT services.
The DSS and The Open Group have an ongoing relationship which has offered support to the DSS whilst it reconsidered its technology position. Through membership of The Open Group, the DSS has been able to identify key issues and concerns and track emerging initiatives. The Open Group's conferences and meetings provide a valuable forum for discussion and validation, and for the DSS to use its influence to ensure that emerging specifications and branding proposals satisfy its requirements.
"The production of security specifications and the subsequent emergence of branded products makes secure interoperability of multi-vendor systems a possibility. Without such standards costs will continue to spiral," said Dave Blair, Strategic Architect for The Information Technology Services Agency. "The Open Group's Security Program Group fulfills a key role in this process".
© The Open Group 1995-2009 Updated on Wednesday, 11 July 2001