Rotherham Metropolitan Borough Council is working with SureCloud to mitigate the risk of ICT vulnerabilities in support of its objective to deliver secure access to information for all employees, whether they are office based or work remotely.
Rotherham Metropolitan Borough Council (MBC) is committed to investing in ICT to help its people work more efficiently to deliver a better, more cost-effective service to its customers. This is central to the Council’s ICT strategy of using technology to help it respond to significant budget challenges.
Understandably, the Council recognizes the importance of safeguarding its systems and the information held within them. This is particularly important following the decision to encourage higher levels of home-working amongst employees.
Abi Dakin, ICT Compliance, Improvement, and Governance, says: “We have 4,600 workstations alone. Our systems extend to Rotherham’s housing department and schools, as well as to care provision for children and older people. With a reducing budget and limited resources, we have to ensure we safeguard the personal information of our employees and those people in our care. Our challenge is to not only assess our vulnerabilities to hacking, data leakage, and other security threats, but to monitor and prove how we’re reducing those vulnerabilities and, therefore, risk year-on-year.”
Like all local authorities in England and Wales, Rotherham must comply with Government Codes of Connection and implement the associated security controls for using the accredited and secure Government network. Further compliance measures are necessary to meet the Payment Card Industry Data Security Standard (PCI DSS) that safeguards credit card data, while the Council also has to undergo a mandatory annual Key Systems Security Audit.
“We’re typically overwhelmed with information following any penetration testing of our systems. Reports arrive in PDF format, making it difficult for us to identify and manage vulnerabilities. Inevitably we end up simply ticking the boxes in agreement with our IT people that our vulnerability testing has been carried out.”
Find out how SureCloud solved this issue by downloading the full case study.
Learn more about SureCloud’s Cybersecurity services here.