Enabling secure WFH environment - transforming the government workplace for new normal

Dataquest and Citrix recently organized a webinar on enabling a secure WFH environment - transforming the government workplace for new normal.

Anil Chopra, VP, Research and Consulting at Cybermedia Research, said that the pandemic has been catastrophic. We hope that it gets over soon and life gets back to normal. The government and PSU machineries should always be on their toes despite all of this. There are many citizen-centric services that have to be delivered. They all have risks and challenges. This can be possible by perhaps enabling a work from anywhere culture.

The panel discussed transforming the workplace. They were: Ms. Rachna Srivastava, Deputy Director General, NIC, Dr.Yask Sharma, CISO, Indian Oil, CK Prasad, Regional GM and Head IT, RailTel, and Vijay Jayaraman, Director, System Engineering, Citrix.

The pandemic has hindered lot of functioning. Ms. Rachna Srivastava, NIC, said everybody knows what the country has gone through. We made government employees work on electronic files, while not being present at work. In any office, officials generally collaborate and discuss together. Decisions are recorded on files. The files are automated by the Government of India departments.

Upscaling VPN

The first challenge was to upscale the entire VPN infrastructure so that people can access the network from their homes. March is very important month for the government as all closing happens on March 31.

As we could scale up the VPN, people could access their files. Continuity of the government's business function was there. Anybody working on a government file from home also needed the essential infrastructure at their home. They also required the bandwidth at their homes, at least, in the beginning. Providing bandwidth was a challenge at that period.

There was a bigger limitation with regard to the usage of computers at home. We had a client-based device. Windows updates also clashed with the client side. People were not aware of how to take help in their homes. It was a challenge how to provide help.

Some sectors of the government employees provided help. It will be better if you can package a work from anywhere kind of an NIC portal launched by our Minister earlier this year. This work from anywhere portal was a natural progression.

Departmental apps are there for you to see the alerts. It also helps you to communicate. With NIC's videoconferencing solution, you can also see your team members, and just click and talk to them. You can define your own room and send a message to the others.

Today, we don't need to be present in a factory to switch on a machine. At NIC, app development happens in a huge scale. We allowed the IT taskforce to continue the development of software from their homes using the VPN. The testers were WFH. System admins were WFH. The onboarding of apps on the network also happened rapidly. You cannot be indifferent. And now, there is no other option. People have to be on the platform to be safe.

Emotional angle

How should these challenges be handled? Dr. Yask Sharma, Indian Oil, said that collaboration is very important for people. Most of the organizations had these challenges. One challenge was of culture, besides the technical ones. The security challenges were taken care of, and the bandwidth got upgraded.

But, the cultural challenges were different. In manufacturing sector, people also have to go the factories. Most of the organizations have a comprehensive, resilience plan.  Nobody planned what will happen if people operating technologies, etc., in a plant do not show up. There was a bridge created. Once we started opening up, manufacturing companies required lot of presence. Over a period of time, the acceptance of new norms have happened.

The emotional angle of the field workers is still playing out. People are sceptical about dealing with physical files. The fear of the virus is still there. The biggest challenge is the emotional makeup of people who are now coming to the office. Everyone has been through an emotional rollercoaster in the past 15-16 months. Technology is helping meet some of the challenges.

We have tools now that enable capturing the data. We are utilizing technology solutions in a much better manner. The human emotional challenges will still take some time.

RailTel scales up

Talking about his learnings, CK Prasad, RailTel, said we had to struggle to enable people to WFH initially. We set up over 20,000 VPN accounts. There were also multiple apps.

We opened up the network to all employees first, and then started putting in some controls. We have the RailNet. It is MPLS and on cloud. There was also collaboration challenge. We scaled up cloud-based videoconferencing service.

By December 2020, we had more than 2 crores of people's minutes on videoconferencing. We also integrated the conference room with the cloud-based solution. Cloud played an extremely important role. Tools were available earlier, and are being used better.

We have our own systems and power supplies. We run tier 3 data centers. We need some people on the ground. We identified some railway quarters and put up some of the employees there. The L1 and L2 support teams could just walk down to work. We have to enable our own employees and also ensure wellness. We scaled up over time. We are connecting employees on Andaman and Nicobar Islands on VSAT.

Coming to the emotional part, there are IT folks who have been WFH since last February. For them, it is really difficult to manage everything. People from Joint Secretary level and above are working from office. The staff below alternate their visits to the offices. The lunch timings are also staggered. The pandemic has made us resilient. The cloud has helped, as well as agility.

New ways of work

Vijay Jayaraman, Citrix, said we have learned new ways of working, and have adapted to new ways of work. Digital workspace is also evolving. Tools that have changed over the last 15 months is the need for remote access. It has been always there. Doing that for nearly 50 or 80% of employees has never been done before.

Many organizations started seeing bottlenecks. Scaling up to 80% or 100% sometimes was a big challenge. The investments in bandwidth and security gear balloons up. Many organizations adapted to that. They looked at ways to provide employees access to apps that they specifically need.

We are talking consensual access here. Some of the security tools paradigm had to be redone. Providing central credentials, geolocation, type of device, etc., played a major role.

The concept of digital workspace also evolved. Can we provide all the access, data, and tools required? These were conversations we were having with many organizations. Spending 10+ hours interacting without a human is not a good thing. Ease and productivity of digital workspace also came to the fore. It is a reality of the last 15 months.

Mobile approach

Ms. Rachna Srivastava talked about devices that have cropped up in the last couple of years. Apps are being designed so that it has the same experience, irrespective of the device type. You develop once, and it executes to all. But, certain apps, like the e-office, can be challenging.

The software is also getting used across different government organizations and offices. There is also a manpower crunch. We decided right from the beginning that there will be a single code base for any user.

The challenge of the single code base was to manage the various user levels. Different users want different functions. Sometimes, the app cannot be applied in the mobile form factor. E-office is made for the tablet. So, people can work on iPads. Some apps are old, and cannot be used like this. They have to be rewritten for mobile enablement. Now, the web app is being served by another layer. It is easy to onboard mobile apps on the same set of APIs.

The mobile-first approach is now part of any kind of development work. We have a district government mobile app challenge. Nearly 700 district AIOs participated. Over 300 mobile apps were published in a month's time. The app development teams of NIC take the mobile-first approach. The development work is in one zone, catering to all types of form factors.

All apps are not like that. It is a huge challenge to convert all of them to mobile. Eg., the RT-PCR data can be sent to ICMR, and the lab will put that as either positive or negative.

Security tasks

Dr. Yask Sharma, said Indian Oil has security architecture. Employees are doing WFH. There are security concerns for a non-enterprise environment. A lot of organizations are still facing that challenge. Security has always been designed to protect from on-prem attacks.

Solutions were available earlier also, probably, not to the same level as they are today. A security professional will want complete visibility. In a typical on-prem environment, it is much easier. In the cloud, you can get lot of insights as to what is happening. How can I check the visibility for everyone? How do I reach the end point?

There has been some development of reaching end-point security in terms of visibility. We can now get extended insights. There is a demand that the end user needs to connect from any device. We also have IIoT. The threat landscape has therefore, expanded. Visibility has to be strengthened.

Access and identity management will be critical. We also need to establish more trust. We have been talking of the phishing attacks. New employees can also join. How do we identify the right partners? Designing a robust security solution is very important. How practical are those need to be seen over the coming days.

Vijay Jayaraman, Citrix, added that there are many users accessing apps running everywhere. Security can be treated as a constraint, the best security works behind the scene. Mult-factor authentication is important. Providing access, based on context, is essential.

Can I make decisions based on devices? It should also be easy for employees to access data and resources. Visibility is also important. Getting visibility, and lessening the mean time to response are key. Automation becomes important here. Lastly, performance is also important. AI can make life easier for all of this. Many organizations are trying to get to.

Building resilience

CK Prasad, RailTel, said resilience depends on the scale. Cloud provides lot of flexibility. We have a software-defined data center, where we have brought in the network function virtualization. Today, every home has become a small office. Attack surfaces have increased. We need to build resilience. You can apply policies consistently. Best practices have to be applied consistently. We have deployed lot of automation. In one shot, we can upgrade 200-500 Linux and Windows machines. We are one of the largest users of e-Office. The government sector always has greater challenges. We are still working on automation.

We have also done some geofencing. There were lot of attacks from China and Iran in 2020. But, we have handled all that. There are lot of learnings from the past 15 months. Resilience is a continuous process and journey. We follow the 3-2-1 strategy. The 3-2-1 backup strategy means you have 3 copies of your data (production data and 2 backup copies) on two different media (disk and tape), with one copy off-site for disaster recovery. Resilience is always a journey.