The National Archives improves FoI response efficiency thanks to Egress Secure Workspace

The National Archives is the official archive and publisher for the UK Government and plays host to one of the largest collections in the world, from the Domesday book right through to modern Government digital papers.

While not all records are open to the public, anyone around the world can make a Freedom of Information (FoI) request for access to a closed record. Upon receipt of such a request, The National Archives undertakes a review of the access status and sensitivity of the record in consultation with the transferring department.

The office receives more than 2,500 such requests every year, and some of these require the advice of the Advisory Council on National Records and Archives to decide whether or not the public interest is in favour of opening the record or continuing to protect it.

Julian Muller, head of IT Operations at The National Archives, has explained the practical challenges inherent in this process. “The Advisory Council typically has up to 18 members around the country drawn from the public, private and third sectors who have expertise relevant to the Council’s work. Members of the Advisory Council are assigned to panels to review individual cases. These records are sensitive so we need to be able to share that information securely with these remote users.”

To deliver the right level of security, The National Archives had previously provided the Council’s members with their own equipment, which then had to be supported and maintained by the central IT function. Documents were shared with users through secure e-mail, but it was still a heavily manual process.

Muller explained: “If there was a problem with the equipment, we would have to courier it back and forth so that our team could fix it. That added to our overheads and inconvenienced Council members. The fact that our hardware and operating system were unfamiliar to many was also a problem, and because individuals only used the equipment periodically, they could often forget how to log on. Resetting their passwords remotely wasn’t easy.”

Unsurprisingly, Council members regularly asked if they could use their own equipment instead. However, maintaining the necessary levels of security had previously made this impossible.

Introducing an approved secure workspace

Prior to the FoI project, The National Archives’ IT team members were already aware of the technology offered by Egress, an expert in risk management and data privacy, through the company’s work with other UK central Government departments.

After trialling the software and reviewing its security, The National Archives implemented the Secure Workspace solution to provide an encrypted environment that would share documents and collaborate with The Advisory Council on National Records and Archives.

Now, when a given FoI request requires consultation with The Advisory Council, The National Archives’ central office uploads the documents to a new folder within a secure zone, whereby a panel of three Council members can review and comment on documents securely. All Council members have specific permissions and access to the zone, although only the Council members involved in each specific panel have access to that panel folder and, as external users, they have no access to The National Archives’ internal Intranet. The Advisory Council’s members also use Secure Workspace to manage administrative information, such as meeting agendas.

Delivering benefits for all

“It was the right choice for The National Archives to adopt Secure Workspace,” observed Muller. “It has improved efficiency for our panel members, who are able to use their own equipment to access files via Secure Workspace, which in turn has freed our IT team from the time and expense of supporting remote equipment. Overall, our FoI management process has become simpler and easier.”

With the successful implementation of Secure Workspace for FoI requests, The National Archives is now looking to other areas where the technology could help them become more efficient.

“As many Government departments are also Egress users, there are plenty of opportunities where we can improve other processes,” outlined Muller. “For example, we’re currently looking at how we could use Secure Workspace or Egress E-mail and File Protection to share scans of documents with other Government staff, allowing them to access the information they need while we retain the hard copy.

In conclusion, Muller informed Risk Xtra: “Looking ahead, we’ll continue examining areas of the organisation to see where we could implement the technology to further improve efficiency and maintain our high levels of security.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts