Sheffield Council Remote Working

[Zarniwoop 10]

3 hours ago, the_bloke said:

I heard that to use the SCC VPN you need a physical dongle connected to your PC, rather than something like the password and two factor authentication method used by virtually every company since 2010. The lack of physical dongles has been preventing people from working from home. They aren't upgrading anything to enable more people to work from home, they are just getting more dongles at the expense of the taxpayer, presumably most of which will go back into a box in the IT dept never to be used again when all this is over.

Mostly rubbish, they use a similar system that many banks use  for internet banking, nothing to do with dongles. You would only use a dongle to get an initial Internet conection if there was no wi fi access. The bit about 'buying more dongles' is total rubbish.

[Pyrotequila 402]

8 hours ago, Arthur Ritus said:

I suppose you did't get much for £140  million all those years back in 2016, no doubt the people who have pocketed the cash  are saying 4 years is a long time in IT, it's a shame with all the money they got they didn't chuck in an old server gratis to give public access to the web cams.

 

https://www.capita-one.co.uk/resources/article/sheffield-city-council-extends-contract-capita

 

 

I couldn't see anywhere in that story that said the council spent £140 million.

I read that the contract the council made with Capita would generate £140 million in revenue for Capita.

 

That's why all the services were taken back from Capita to be in the council...previously they were being run as a business, to make money...and doing benefits claims for people isn't about making money, it's about trying to help people....that's why Capita never made any money from it all.

[the_bloke 17]

1 hour ago, Zarniwoop said:

Mostly rubbish, they use a similar system that many banks use  for internet banking, nothing to do with dongles. You would only use a dongle to get an initial Internet conection if there was no wi fi access. The bit about 'buying more dongles' is total rubbish.

Oh dear. You don't seem to understand what a VPN is, or how older systems authenticate.

 

http://www.tokenguard.com/SecurID-800.asp

 

Old systems use plug in dongles that contain the certificate used during authentication as well as needing you to optionally type in the number that appears on the display. VPN dongles have absolutely nothing to do with making an Internet connection.

[chipfork 10]

10 hours ago, the_bloke said:

Oh dear. You don't seem to understand what a VPN is, or how older systems authenticate.

 

http://www.tokenguard.com/SecurID-800.asp

 

Old systems use plug in dongles that contain the certificate used during authentication as well as needing you to optionally type in the number that appears on the display. VPN dongles have absolutely nothing to do with making an Internet connection.

Wow, they really do have some old infrastructure if they're still using the RSA fobs, I have one we used to use that expired 10 years ago.We still use SecurEnvoy's SecurID so making the switch to a non-fob based solution is relatively easy.  Our multi-factor/second factor is now via text, mobile phone app or phone call.

 

This crisis seems to have exposed a lot of gaps in technology to support business continuity. 

 

I work for a water company , not in Yorkshire, and helped design the remote access solution around 5 years ago, even now it is a little dated. We had to consider a relatively large mobile workforce (1200+) so we have solutions that are coping comfortably with far greater numbers than that. Our Internet "pipe" is also coping adequately.

 

Microsoft are offering a "Windows Virtual Desktop" solution to aid remote working and giving organisations $15k towards setup and run costs. The public sector and critical national infrastructure have additional assistance and priority. Realistically that's not a quick fix and Microsoft are having capacity issues with their cloud solutions so they prioritise services.

 

When we come out of the other side of this then priorities may change and hopefully there'll be some money left to invest. Given my partner is a nurse we'd obviously like to see the NHS prioritised, expensive IT contracts and vanity projects need a rethink 😉

 

 

[Planner1 437]

12 hours ago, the_bloke said:

Oh dear. You don't seem to understand what a VPN is, or how older systems authenticate.

 

http://www.tokenguard.com/SecurID-800.asp

 

Old systems use plug in dongles that contain the certificate used during authentication as well as needing you to optionally type in the number that appears on the display. VPN dongles have absolutely nothing to do with making an Internet connection.

SCC don't use devices of that type as far as I know. I used their system for quite a few years until recently and had a VASCO token for remote access, which was a small keypad which generated a one time password. They always had capacity issues when lots of people needed to log on and work from home (like when it snowed), so its not surprising they are having problems in the current conditions.

[ECCOnoob 1,040]

Loads of places are struggling with capacity because it's unprecedented for most organisations to have so many staff on at one time.

 

I work for a massive law firm whose whole remit is about agile working and flexibility - we have had the kit for years. 

 

But even we are still having to restrict access to some of our less vital systems and encourage people to use their mobiles/webmail rather than VPN where possible.  

 

Add on the fact that most domestic broadband systems are not designed for high capacity VPN, accessing huge business servers containing various shared drives and trying to run multi-party conference call operations for long periods.  This is strained even more when they also have to simultaneous cope with the rest of the household trying to stream or download films or browse the internet.

 

This is certainly not an issue limited to the council and I reckon it's just people using it as an excuse for more SCC bashing

[chipfork 10]

I would agree, many large organisations I've worked with don't have the capacity or the provision for the scale of home working, SCC are not in an unusual position.

 

I guess this is where I work we are fortunate. Our VPN may well be old (Microsoft DirectAccess) but with sufficient design and Internet capacity can easily cope with 4,000 home users even with a lot of data crossing that connection. We also have more efficient solutions that allow access to a virtual desktops and applications so little data crosses the wires (Citrix and Windows Virtual Desktop).

 

The biggest shift has been with applications; Office 365, SharePoint Online and cloud based services and apps negating the need to use a VPN or a corporate device. We still have those older apps but the VPN and virtual world copes perfectly well with them.

 

I guess much is based on the organisation, we've followed an agile model, I work from home often as do others, and we have a mobile workforce so have spent a lot of time thinking about this. Those organisations that have a more traditional office-based model not only have the technological challenge but a change in the culture and working practices which can be a bigger challenge.

[Billy65 10]

I work at one of their depots and the system there is steam powered, wired no wifi. I haven't seen a wage slip for months it takes 15 to 20 minutes from starting up to logging on to my view or whatever they call it these days. They  have been updating the system for years but it takes so long that they never roll it out to everyone before they have to update it again.

[Zinger549 233]

We used to have a remote access portal at work.  The manager had to request wfh access and then we (IT support) would set the user up. They had to set a 4 digit pin and give their mobile number.  A code was then sent to the phone. When they were at home they would log into the remote portal with username/password and the 4 digt pin and code.  Once they were in it would send a new code for next time.  Since moving to WIN 10 they shouldn't need to do anything as the VPN connects automatically. 

 

 

[Angela1991 0]

Apparently the public library in Sheffield also has problem with their IT setup to support their staff to work from home.

 

Do you think this is because the IT setups in the public sector assume that everyone will be working onsite therefore less work was put in for remote working (of course the budget is tight too)?

[Guest]

10 hours ago, Angela1991 said:

Apparently the public library in Sheffield also has problem with their IT setup to support their staff to work from home.

 

Do you think this is because the IT setups in the public sector assume that everyone will be working onsite therefore less work was put in for remote working (of course the budget is tight too)?

A lot of places just aren't geared up. It's more about secure access to internal files/networks than the actual being at home bit. Thankfully our place is very good with WFH anyway so it didn't cause any issues at all.

[max 13]

20 hours ago, Angela1991 said:

Apparently the public library in Sheffield also has problem with their IT setup to support their staff to work from home.

 

Do you think this is because the IT setups in the public sector assume that everyone will be working onsite therefore less work was put in for remote working (of course the budget is tight too)?

When I read this I had a vision of librarians all over the country using their homes as min-libraries where people could drop off and borrow library books.