How the UK’s largest public service department tracked device location data to mitigate cybersecurity concerns

11 May 2023

Mike Patchett, head of public sector, Lakeside Software

Data is at the heart of public sector processes and decision-making but, while digitalisation is undoubtedly opening up new possibilities and bringing widespread benefits, organisations must also be mindful of the challenges to be overcome. With our increased range of work locations and technology platforms, encouraging staff to create and share data responsibly is vital.

However, one UK public sector services department has showcased its excellence in building data into decision-making while at the same time understanding threat factors to ensure safeguards are in place to maximise the responsible use of data and mitigate cybersecurity concerns, particularly where sensitive customer data is involved.

Background

The Department for Work and Pensions (DWP) is responsible for the UK’s welfare, pensions, and child maintenance policy. It is the biggest public service department in the UK as it administers the State Pension and a range of working age, disability, and ill health benefits to around 20 million claimants and customers.

Like many organisations at the start of the COVID-19 pandemic, the DWP quickly pivoted to enable employees to work from home. However, the transition was made more complex because of the sensitive citizen data DWP handles.

The challenge

At the start of the pandemic, everyone was required to work from home if they could. That meant a vast percentage of the DWP workforce, those who had access to a laptop or could be given access, were now working remotely. Whilst this came with obvious benefits, it also raised not-so-obvious security risks.

DWP-issued laptops and desktops are government assets used to process government and citizen data.

There are policies and rules prohibiting the transport of a device abroad without prior permission, as well as accessing the DWP network from locations outside the UK. The department needed to understand whether this policy was being breached in circumstances where staff had chosen to see out their ‘lockdown’ periods from a location other than the UK.

Because of its important mission, senior DWP leadership knew it needed a fail-safe solution to alert them to:

  • When a DWP-issued device was being used in a country other than the UK
  • Who the primary user of that device was
  • Whether the user had prior permission to take their device abroad
  • Whether the user was utilising a personal anonymous proxy

The government agency needed a non-intrusive solution that could provide accurate, real-time data from its IT estate and that was auditable and GDPR compliant. DWP needed a platform it could deploy quickly in response to changes in the workforce due to the pandemic.

The solution

Lakeside’s SysTrack, the core technology driving its digital experience management platform, gathers and analyses data on everything that may impact end-user experience and business productivity, and provides the unmatched visibility IT teams need to design and support rapidly changing digital workplaces.

DWP leveraged the SysTrack agent that was already deployed on all its devices to collect the IP address and the date/time of each active connection, then cross-referenced this information with publicly available records to identify the country where the asset was currently located.

Building a custom dashboard, DWP was able to collate the data, map devices to countries, and display relevant insights in a single location. This solution has resulted in DWP’s security and asset management teams being able to identify where DWP data is being put at risk and address those risks.

An investigation can be launched on the back of the dashboard analysis to understand whether data is being put at risk, and steps can be taken to lock out the device or disable network connectivity and authentication for that user until they can access from the UK. The analysis can also identify cases where a device is in the UK but is being used on a personal network with a VPN that terminates in a foreign country.
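The cross-referencing described in this section can be sketched as follows. This is an added example, not DWP's or Lakeside's code: the record layout, device names, approval register and lookup tables are all constructed for illustration, and the IP ranges are RFC 5737 documentation addresses.

```python
import ipaddress
from datetime import datetime

# Constructed lookup data (RFC 5737 documentation ranges). A real deployment
# would load a public IP-to-country dataset and a proxy/VPN exit list instead.
GEO = [(ipaddress.ip_network(n), c) for n, c in [
    ("192.0.2.0/24", "GB"), ("198.51.100.0/24", "ES"), ("203.0.113.0/25", "FR")]]
PROXY_EXITS = [ipaddress.ip_network("203.0.113.128/25")]
# Constructed asset register and travel approvals (hypothetical names).
PRIMARY_USER = {"LAP-001": "alice", "LAP-002": "bob", "LAP-003": "carol"}
APPROVALS = {("alice", "ES"): (datetime(2020, 4, 1), datetime(2020, 4, 30))}

def country_of(ip):
    """Return the ISO country code for ip, or None if no range matches."""
    addr = ipaddress.ip_address(ip)
    return next((c for net, c in GEO if addr in net), None)

def classify(device, ip, seen_at, home="GB"):
    """Classify one connection record; returns (user, country, status)."""
    user = PRIMARY_USER.get(device, "unknown")
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in PROXY_EXITS):
        return user, None, "anonymous-proxy"
    country = country_of(ip)
    if country is None:
        return user, None, "unresolved"      # fail closed: needs manual review
    if country == home:
        return user, country, "ok"
    window = APPROVALS.get((user, country))
    if window and window[0] <= seen_at <= window[1]:
        return user, country, "abroad-approved"
    return user, country, "abroad-unapproved"

def findings(records):
    """Return (device, user, country, status) for every record that is not 'ok'."""
    rows = [(d, *classify(d, ip, datetime.fromisoformat(ts))) for d, ip, ts in records]
    return [r for r in rows if r[3] != "ok"]

# Constructed connection records: (device, IP address, ISO timestamp).
RECORDS = [
    ("LAP-001", "198.51.100.7", "2020-04-10T09:00:00"),   # approved trip
    ("LAP-001", "198.51.100.7", "2020-05-02T09:00:00"),   # approval expired
    ("LAP-002", "192.0.2.44", "2020-04-10T09:05:00"),     # in the UK
    ("LAP-003", "203.0.113.200", "2020-04-10T09:10:00"),  # proxy exit range
    ("LAP-002", "10.0.0.5", "2020-04-11T08:00:00"),       # private, no match
]
```

Addresses that resolve to no country are reported as "unresolved" rather than treated as in-country, so gaps in the lookup data surface for review instead of passing silently.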

Results

The SysTrack solution has resulted in DWP’s Security and Asset management teams being able to identify where DWP data is being put at risk and address those risks.

DWP compared the use of SysTrack to solve the digital workplace challenge with other geolocation and authentication tools. However, none of these legacy tools could provide the same level of data, accuracy, and information with the same level of granularity that SysTrack did. It has now become the principal tool for data evaluation and location information within the DWP.

Thanks to its implementation of SysTrack, DWP was able to find a solution that met all its requirements and more. By building data into its decision-making, understanding threat factors, and ensuring safeguards are in place to maximise the responsible use of data, DWP’s use of SysTrack to gain visibility into its IT estate and protect sensitive data has stood out as an innovative use of technology in harnessing the value of data.