Securing our Government

But the security threats are not always based around data, desktops and networks; other IT solutions, or more specifically biometrics, also play a role in securing the country.

"The strong focus at the moment is still very much around border security," Unisys director identity and biometrics Asia-Pacific, Geoff Lever, said. "There is still a very strong focus on verifying the identity of people crossing the border, either way, in or out of Australia."

Many federal and state government agencies, particularly those associated with immigration, are interested in easy-to-use IT - including fingerprint, face print and iris scanning solutions - that enables them to identify individuals of interest. There is also growing interest in vascular scanning, or scanning veins.

"The technology is advancing very rapidly," Lever said. "One of the most important things about the technology is their usability. How easy are they to use both for the operator and the client? If it is not easy to use why would you use them?"

In the driving seat

While these threats are obvious drivers of the implementation of security solutions, there are other factors in the government decision making process. To be sure, traditionally governments have been riskaverse, slow adopters and inclined to procure IT through proven suppliers.

"In government there is always a level of risk and they are risk-averse," Unisys' Lever said. "You really have to be developing something that is proven. They are not going to, in my view, take a risk on something that is unproven. They are looking for something they can justify to their political masters as delivering a significant business benefit."

But they are also driven by compliance and procurement regulations to a large extent.

"The policy requirements and compliance that they need to meet are quite tricky these days," Sophos' Nicholson said. "It's not your stock-standard 'don't open an excel spreadsheet'. It's 'don't allow these numbers to go across to these kinds of websites' and 'don't allow documents with these set words to go anywhere' and so on. You need really strict security solutions that can set that policy and implement it for you. Everybody knows what they have to do but when you have discussions with people they go, 'I don't know how to do it'."

Governments have also habitually controlled how people access information with an iron fist, particularly in provisioning endpoint access at home and through mobile devices like the BlackBerry.

"One of the major focuses for the government has been access control," Frost & Sullivan's Milroy said. "That's something government has been doing to a greater extent than other organisations."