NHS Digital on how its Secure Boundary is protecting trusts from cyberthreats
The perimeter security programme is already protecting thousands of NHS services and wants to work with more trusts, according to Rosie Underwood
Credit: Yui Mok/PA Archive/PA Images
NHS Secure Boundary is a powerful cybersecurity tool that gives NHS organisations the chance to control what passes in and out of their digital estate.
Organisations can benefit from secure filtering for web content, next generation firewalls, secure DNS services and data-loss prevention, among other things.
Last summer, we announced the delivery of NHS Secure Boundary and our partnership with Accenture, Palo Alto Networks and Imperva. Since then, we have worked with a range of organisations to gather vital feedback on their onboarding experience so that we could learn the best way to extend the solution across the wider estate.
We now have 15 trusts live on the platform with implementations scheduled through to the end of 2020. All 21 Consumer Network Service Providers (CNSPs) that manage internet traffic on the Health and Social Care Network (HSCN) are now live on NHS Secure Boundary and over a thousand NHS and care organisations that use them are benefitting from the protection that it offers.
Why Secure Boundary?
First and foremost, the platform is flexible. Organisations can choose from either or both of the firewalls on offer and we will walk them through each step of the onboarding process, providing support with a dedicated set of expert resources, tailored to their needs.
One of our early adopter trusts, York Teaching Hospitals Trust, had this feedback:
“NHS Secure Boundary has given us an extra layer of security for our internet access at almost zero cost for our trust, saving potentially hundreds of thousands on a similar product if we’d had to buy it in ourselves. Its next-generation firewall, which identifies potential threats early on and reduces our risk of exposure to hackers, was really appealing to us and the fact that NHS Secure Boundary helps to fulfil the Cyber Essentials+ and Data Security and Protection Toolkit requirements was also a big bonus.
There are over a thousand organisations on HSCN in total, running approximately 7,500 internet-facing services across the country. All of these pass through NHS Secure Boundary, giving front-line clinicians the ability to securely access more timely information
“We’ll be using NHS Secure Boundary’s Web Application Firewall, which will protect all of our external-facing web services from potentially malicious inbound access requests. This means that we will be able to host our patient administration systems on our own network, and both community workers and sanctioned external organisations will be able to securely access them from wherever they are. So, this will enable a much more mobile and connected workforce, allowing clinical information to be available securely at the point of care, be that on our premises or at a patient’s home.”
A bird’s eye view
Secure Boundary also gives the NHS a chance to see a broader picture centrally of what is happening with internet traffic. The more we can see across the NHS system, the better we can scan for potential threats in real time, detecting and neutralising them to help NHS organisations to protect themselves.
It allows us to react much quicker to events across the estate and provides us with visibility and intelligence. So, during the pandemic, for example, this enabled us to block over 100,000 malicious domains as we increased the capacity of the platform to support the increase in internet traffic during Covide-19.
The NHS Secure Boundary also supports essential programmes, such as HSCN and Internet First, by helping to modernise security for organisations’ access to the internet, even on mobile devices.
There are over a thousand organisations on HSCN in total, running approximately 7,500 internet-facing services across the country. All of these pass through NHS Secure Boundary, giving front-line clinicians the ability to securely access more timely information and therefore make more informed decisions about patient care, even if they are not on site.
NHS Secure Boundary is continually improving, with an innovation fund built into the programme to explore new and emerging technologies.
There is a centrally funded two-year programme to onboard organisations with a dedicated team on hand to manage and support them, which started in January 2020.
NHS Secure Boundary complements and supports the other services provided by NHS Digital’s Data Security Centre to help mitigate the risks we identified in our analysis of the wider system. These include Microsoft Advanced Threat Protection, our email filtering service, the Cyber Security Support Model, our workforce simulated phishing campaigns and our board level-training, providing both physical protection from threats and better awareness of cyber issues for staff.
Government will set legal requirements for digital identity providers rather than consider national identity cards
Matt Warman tells PublicTechnology event that government wants products and services to be secure ‘from the ground up’ – reducing burden on consumers and businesses
Three-year deal awarded to Pegasystems
More than 20 million UK citizens have downloaded the NHS Covid-19 app. One of the leaders of the development process tells PublicTechnology about its impact and future...
Defence Medical Services (DMS) is pursuing ground-breaking digital, data and technology transformation which will revolutionise Tri-Service healthcare provision to over 135,000 Armed...
Jointly, Equinix and Cintra enable organisations with mission-critical Oracle workloads to accelerate their journey to cloud, while minimising transition risks - here's how
OneTrust presents the reasons why your organisation should invest in privacy management - and offers three easy tips for getting started
The remote-first world has seen email being relied on more than ever as a core communication mechanism - but with 93% of IT leaders acknowledging a risk to sensitive data, what steps should be...