As private organisations around the world build strategies to adopt a remote working culture on a more permanent basis, the government sector cannot be left behind. In the wake of this trend, Dataquest along with Citrix hosted a webinar on ‘Enabling Secure WFH Environment for Transforming the Government Workplace for New Normal’. Kicking off the panel discussion, Anil Chopra, VP, Research and Consulting at CyberMedia Research, said that the pandemic has been catastrophic. “We hope it gets over soon and life gets back to normal. The government and PSU machinery should, however, always be on their toes. There are many citizen-centric services that need to be delivered but involve risks and challenges. This challenge can be addressed by perhaps enabling a work-from-anywhere culture.”
“The pandemic has hindered a lot of functioning,” seconded Rachna Srivastava, Deputy Director-General, NIC, adding that everyone knows what the country has gone through. “We made government employees work on electronic files remotely. In any office, officials generally collaborate, discuss and make decisions, which are recorded on files. These files are automated by the Government of India departments.”
Today, we don’t need to be present in a factory to switch on a machine. At NIC, app development happens at a huge scale by the IT team from home using VPN.
— Rachna Srivastava, Deputy Director General, NIC
Srivastava highlighted that the first challenge was to upscale the entire VPN infrastructure so that people can access the network from their homes. “As we were able to scale up the VPN, people could access files, allowing continuity of the government’s business functions. Anyone working on a government file from home also needed the essential infrastructure at their home, including, at least, bandwidth in the beginning. Providing this bandwidth was a challenge during that period.
Moreover, there was a bigger limitation with regard to the usage of computers at home. We had a client-based device, and Windows updates clashed with the client-side. People were not aware of how to take help while working from home. How to provide help was another challenge.
However, government employees from some sectors provided help. It is better to package a work-from-anywhere kind of a portal like that of NIC launched by our minister earlier this year. This portal was a natural progression. It includes departmental apps to see alerts and helps in communication. With NIC’s videoconferencing solution, you can interact with team members with just a click. You can also define your own room and send messages to others.
Today, we don’t need to be present in a factory to switch on a machine. At NIC, app development happens on a huge scale. We allowed the IT task force, including testers and system admins, to continue the development of software from their homes using the VPN. The onboarding of apps on the network also took place rapidly. You cannot be indifferent. And now, there is no other option. People have to be on the platform to be safe.”
The emotional angle of the field workers is still playing out. People are sceptical about dealing with physical files. The fear of the virus is still there.
— Dr Yask Sharma, CISO, Indian Oil
The session raised an important question on how to handle the challenges of the new normal. Dr. Yask Sharma, CISO, Indian Oil, said that collaboration is very important in this regard. He pointed that one of the challenges was of culture, besides the technical ones. “The security challenges were taken care of, and the bandwidth got upgraded. But the cultural challenges were different. In the manufacturing sector, people need to go to factories. Most organisations have a comprehensive, resilient plan. But nobody planned what will happen if people operating technologies, etc., in a plant do not show up. Once we started opening up, manufacturing companies required a high manpower presence. Over a period of time, there has been acceptance of the new norms.
However, the emotional angle of the field workers is still playing out. People are skeptical about dealing with physical files. The fear of the virus is still there. The biggest challenge is the emotional makeup of people who are now returning to the office. Everyone has been through an emotional rollercoaster in the past 15-16 months. Meanwhile, technology is helping meet some of these challenges. We now have tools that enable capturing of data and are utilising technology solutions in a much better manner. The human emotional challenges will still take some time to be resolved.”
RailTel scales up
Talking about his learnings during the pandemic, CK Prasad, Regional GM, and Head IT, RailTel, said they had to struggle to enable people to WFH initially. “We set up over 20,000 VPN accounts. There were also multiple apps. We opened up the network to all employees first and then started putting in some controls. We have the RailNet, which is MPLS and on the cloud. There was also a collaboration challenge. We scaled up cloud-based videoconferencing services and integrated the conference room with cloud-based solutions. Cloud played an extremely important role. Tools were available earlier but are now being used in a better manner.
At RailTel, we set up 20,000+ VPN accounts and scaled up cloud-based video conferencing services. Tools were available earlier but are now being better used.
— CK Prasad, Regional GM and Head IT, RailTel
We have our own systems and power supplies and run tier 3 data centers. As we needed some people on the ground, we identified some railway quarters and deployed some of the employees there. The L1 and L2 support teams could just walk down to work. Additionally, we are connecting with employees in Andaman and Nicobar Islands on VSAT. Coming to the emotional part, there are IT folks who have been working from home since last February. For them, it is really difficult to manage everything. People at the Joint Secretary level and above are working from the office, while the staff below visits the office on an alternate basis. The lunch timings are also staggered. The pandemic has made us resilient. Cloud has helped, as well as agility.”
New ways of working
Vijay Jayaraman, Director, System Engineering, Citrix, said they have learned and adapted to new ways of working. “Digital workspace is also evolving. Tools that were used over the last 15 months are the need for remote access. The system has always been there. But implementing that for nearly 50-80% of employees was never done before. Many organisations started seeing bottlenecks. Scaling up to 80-100% was at times a big challenge. Thus, investments in bandwidth and security gear ballooned. Many organisations adapted to that change. They looked at ways to provide employees access to apps that they specifically need. We are talking consensual access here. Some of the security tools’ paradigms had to be redeveloped. Thus, providing central credentials, geolocation, type of device, etc. played a major role.
But can we provide all the access, data, and tools required? These were the conversations we were having with many organisations. The ease and productivity of digital workspace also came to the fore. It is the reality of the last 15 months.”
Srivastava talked about devices that have cropped up in the last couple of years. “Apps are being designed so that the experience is the same, irrespective of the device type. You develop once, and it executes to all. But certain apps, such as eOffice, can be challenging. The software is also being used across different government organisations and offices. There is also a manpower crunch. We decided right from the beginning that there will be a single code base for all users.”
Security can be treated a constraint, but the best security works behind the scenes. Multi-factor authentication, access, visibility, etc. are all important.
— Vijay Jayaraman, Director, System Engineering, Citrix
Srivastava further explained that the challenge with the single code base was to manage the various user levels. Different users want different functions. Sometimes, the app cannot be applied to the mobile format. eOffice is made for the tablet, so people can work on iPads. Some apps are old, and cannot be used like this. They have to be rewritten for mobile enablement. Now, the web app is being served by another layer. It is easy to onboard mobile apps on the same set of APIs.
“The mobile-first approach is now part of any kind of development work. We had a district government mobile app challenge wherein nearly 700 district AIOs participated. Over 300 mobile apps were published in a month’s time. The app development teams of NIC follow the mobile-first approach. The development work is done in one zone, catering to all types of formats. All apps are not like that, and converting them all to the mobile format is a huge challenge.”
Explaining the issues surrounding security, Dr. Sharma said that there are security concerns for a non-enterprise environment. Many organisations are still facing that challenge. Security has always been designed to protect from on-premise attacks. Solutions were available earlier as well, but probably not of the same level as today. A security professional will want complete visibility. In a typical on-premise environment, it is much easier. In the cloud, you can get a lot of insights as to what is happening. So, how do you check the visibility for everyone, and reach the endpoint?
Many citizen-centric services need to be delivered by the government but involve risks and challenges. This can be addressed by a work-from-anywhere culture.
— Anil Chopra, VP, Research and Consulting, CyberMedia Research
“There has been some development in reaching end-point security in terms of visibility. We can now get extended insights. There is a demand that the end-user should be able to connect from any device. We also have IIoT. The threat landscape has, therefore, expanded. Visibility has to be strengthened. Access and identity management will be critical. We also need to establish more trust. We have been talking about phishing attacks. How do we identify the right partners? Designing a robust security solution is, thus, very important.” Dr. Sharma, however, pointed out that the practicality of the solutions can be judged only over the coming days.
Jayaramanadded that there are many users accessing apps that run everywhere. “Security can be treated as a constraint, but the best security works behind the scenes. Multi-factor authentication is important. Providing access, based on context, is essential. Can I make decisions based on devices? It should also be easy for employees to access data and resources. Getting visibility, and decreasing the meantime to response is key. Automation becomes important here. Lastly, performance is crucial. AI can make life easier in all of these areas. Many organisations are trying to work in this direction.”
According to Prasad, resilience depends on the scale. “Cloud provides a lot of flexibility. We have a software-defined data center, where we have brought in network function virtualisation. Today, every home has become a small office. But as attack surfaces have increased, we need to build resilience. Policies and best practices have to be applied consistently. We have deployed automation to a great extent. In one shot, we can upgrade 200-500 Linux and Windows machines. We are one of the largest users of eOffice. The government sector always has greater challenges.”
He added that RailTel has also performed some geofencing since there were a number of attacks from China and Iran in 2020. “There have been several learnings in the past 15 months. We follow the 3-2-1 backup strategy, which means you have three copies of your data (production data and two backup copies) on two different media (disk and tape), with one copy at offsite for disaster recovery. Resilience is a continuous process and journey.”
By DQ Bureau