As featured in DisruptiveViews
The Singapore government made an astonishing announcement last week that all computers used officially by public servants in Singapore would be cut off from the internet from May next year. The reason given for this unprecedented move was “to tighten security.”
A spokesperson for the Infocomm Development Authority (IDA) said “the Singapore Government regularly reviews our IT measures to make our network more secure”, and that the move is aimed at plugging potential leaks from work e-mail and shared documents accessed by over 100,000 computers amid heightened security threats.
Of course, any such blanket decision is bound to have exceptions that are not taken into account by those in high positions. Within 24 hours of the announcement a memo was sent out to all teachers working under the Ministry of Education that they work on a separate network that will not be connected to the Government Enterprise Network.
The Singapore Straits Times reported seeing the memo that stated, “As cyber security threats continue to evolve, it is important for the Government Networks to remain secure to prevent deliberate cyber attacks resulting in undesirable leakage of sensitive government data.”
The notice also acknowledged that schools are more dependent on the use of internet for teaching and learning. As such, they will “continue to have access to teaching and learning resources on the internet from their computers”.
Trials were started with some employees within the IDA – the lead agency for this exercise – in April. Internet access and web surfing can be still be done but only on the employees’ personal tablets or mobile phones as these devices do not have access to government e-mail systems. Dedicated internet terminals have been issued to those who need them for work.
It is quite amazing for any corporation, let alone a whole public service, to take such an extreme move.Not even enterprises like banks, public utilities and telcos – renowned for their strict policies for computer usage at work – have resorted to a blanket ban on internet access. Many block undesirable sites to prevent staff accessing them and most have sophisticated firewalls, virus protection and spam filtering in place.
The Straits Times also reported that the news evoked a range of reactions locally on the trade-off between security and efficiency. Some said it was a bold response to the threat of online intrusions. Others said it should have been more finely calibrated. Many of those affected directly said it will make life difficult for them.
So what is it that has the Singapore Government so worried to make such an extreme move? If there is a concrete security concern then shouldn’t all Singapore-based enterprises be informed to help them prepare for attack?
The island city-state is no slouch in trying out new things and making bold plans that other countries would simply be unable to do. It was the first to roll out a true national broadband network; certificates of entitlement (bid at auction) for the right to own a car; and most recently, the merging of the infocomm and media regulators. All very progressive and far-reaching moves. But closing off access to the internet from government computers seems to be a backward move considering just how much we have all come to depend on it, even governments.
It would appear the Singapore Government has little faith in current security technology. Will it, in time, make the same demand of private enterprise computers? It will be interesting to see if other countries follow suit rather than putting in place the right security and filters to prevent cyber attacks. Of course, anyone thinking it might be fun to hack into the Singapore government network has until May 2017 to do so now that the red flag has been waved. In the meantime, it’s back to the future in Singapore.