PSN Compliance in Local Authorities WHERE ARE WE NOW? SOCITM UPDATE, 29TH NOVEMBER, 2013 Increasing complexity…. increasing demands for flexibility…. …but there are “rules of the road” We might think we’re secure…… But let’s not go overboard…. We still need to move….. Let’s keep a degree of balance …. Short-term compliance Short-term compliance – what do we know? Current picture and current Cabinet Office stance Impact areas Patching – and the knock-on effects BPSS – limited – for now Segmentation – network separation step 1 Unmanaged devices – device non-grata? The “long term”, i.e. 2014….. Long-term (2014) picture From patterns to realities The importance of Impact Levels – the IL2/IL3 change Some real pot-holes – e.g. Windows XP! Sharing opportunities? Knowledge Impacts Resources Procurements Supplier lobbying? …and beyond. Maintaining compliance Learning from doing e.g. Wake On Lan! Keep a note of the resourcing, you’re going to need it! Automate…..! Ensure your organisation knows this isn’t “just for Xmas” Immediate next steps Still looking at collaboration options Architecting for compliance Any help? Any help? Tidying up the IL2/IL3 situation Removing the last “potential hurdles”. Impact assessment from Vodafone and the Cabinet Office There will be some costs - £3000-4000 per Council? Some closing thoughts…! We can’t rule out any more surprises….. And we’ll need the right resources….. “Legacy” will trip us up…. It will be easier if we collaborate Or even share….. Let’s hope it’s worth it….!