Security agencies and organizations (known in German as BOS) are often lacking a uniform IT infrastructure as well as the corresponding communication and collaboration tools to be able to provide their employees with secure, ultra-mobile working options. In this blog article, we outline why these types of solutions are especially essential for organizations with security responsibilities.
The umbrella term “BOS”, which translates into English as “agencies and organizations with security duties”, includes agencies such as the police and emergency services but also technical relief organizations. One special aspect of this field of work is the fact that workers spend most of their working day on the go, engaged in operational duties. On these assignments, every second may be of crucial importance. The need for secure, digital communication solutions which enable the various agencies and organizations to exchange information in real time while deployed should thus be entirely self-evident.
The reality is, however, somewhat different: The daily work of security and emergency workers is characterized by filling in forms and other paperwork, because the ultra-mobile devices they require are lacking or have not been integrated completely into the backend systems. This is partly because the IT security regulations enforced by the Federal Office for Information Security (BSI) require minimum hardware and software standards for IT security, such as encryption processes, data authentication or interoperability when it comes to digital radio transmission.
There are indeed tools and applications on the market which meet these strict requirements, but they are expensive to procure, and the budgetary situation is tight in the world of security and emergency organizations. Exacerbating the situation further, there are no binding standards for IT infrastructure that cover all security-relevant organizations, making it difficult for the various authorities and agencies to agree on a universal application. Instead, organizations have favored the use of their own, expensive on-premises solutions rather than far more agile cloud computing options. As long as this is the case, interoperability and flexibility are set to remain a distant reality for agencies and organizations with security duties.
Faced with a lack of appropriate alternatives, many of those employed in the security and emergency fields resort to using their private smartphones and insecure messaging services such as WhatsApp. However, this leads to a shadow IT situation, which does not conform with the high security standards for agencies and organizations with security duties and is therefore strictly prohibited.
A way out of this predicament
Preventing these kinds of shadow IT situations in the future and ensuring the security & protection of data in security-relevant organizations, requires a state-of-the-art communication solution which meets the high security standards set by the Federal Office for Information Security (BSI). The solution should support integration into the existing backend systems at the security or emergency organization, and include the encryption mechanisms required to cover the processing and communication of confidential data up to VS-NfD classification level. In the case of BYOD or COPE models, it is also necessary to ensure that private and professional data or applications are strictly separated from each other. The application should moreover have the capacity to cover a large number of licenses, as the authorized recipients change on a regular basis in the cooperation between federal and state governments. Last, but not least, it needs to be easy to administrate and intuitive for users to handle. Otherwise, one runs the danger of the application not being accepted by the employees, who may then again turn to unapproved, unsafe apps. Modern communication solutions, based on container technology, fulfill all these requirements – irrespective of the device and platform employed.
Considering the security-critical scope of security agencies and organizations are engaged in, it is paradoxical how much their daily work is still characterized by hand-written, paper-based, analogue processes. The solution to this problem is self-evident – a secure, ultra-mobile tool for communication and collaboration is required, which completely fulfills the strict provisions of the Federal Office for Information Security (BSI) and is also easy to operate. A lack of financial resources is also no longer a deal breaker, as costs can be reduced substantially by employing BYOD models. As soon as agencies and organizations with security duties can agree on a single, standardized application, there will be nothing standing in the way of secure, ultra-mobile communication for security and emergency workers.