PSN Compliance in Local Authorities ADDRESSING THE CHALLENGES.


1 PSN Compliance in Local Authorities ADDRESSING THE CHALLENGES

2 What is going on?
- PSN CoCo submissions have just become more painful!
- Affects all UK PSN users
- Councils... are especially affected
  - Accredited individually
  - Fundamental differences in our “digital landscape”
- The Scottish Angle – Education and Registration – Mobile and Flexible.
- Last 6 months
  - 4 Councils pre-Zero Tolerance
  - 4 now passed post-Zero Tolerance
  - Others going through the “Red Letters”

3 What are the key points?
- “PSN-originated data” must be housed on a trusted network.
- Zero Tolerance!
- Timescales – Short-term pain, Long-term pain.
- Limit/eliminate shared PSN/Non-PSN infrastructure
- Unmanaged devices are “assumed compromised” – BYOD RIP
- Previously (assumed) “acceptable” remote access approaches now in question – thin client/zero data, sandboxing, even distros.
- There will be unplanned cost and resource implications!

4 Getting there? The process...
- Sequential – not helpful
- Signatories
- ITHC requirements
- Must get the two above right – before you pass to “validation”
- Get to know your Cabinet Office PM!
- Get some CLAS time?
- Advice – know the process, avoid the ping-backs, speak to the CO, keep up with the Guidance, consider CLAS time

5 What might need done in the short-term?
- ITHC Major/Critical and Significant mediums!
- Get Patching!
- Tighten Segmentation of networks – esp. if completely flat
- Email... potentially more inboxes?
- Remote Access – different passwords from internal network logins?
- Unmanaged device access – closed off/restricted
- Disclosure checks? GSX staff initially? Not clear!
- Affected groups: GSX users, Remote Access, BYOD
- Advice: Know your PSN “footprint”, be pro-active, manage the comms with your customers

6 …but don’t breathe a sigh of relief for too long!
- Long-Term Architecture
- No clear “design patterns” – clarification imminent?
- “Clearing House” approach?
- Will need to look hard at whether “remote access (or PSN) is worth the pain…”
- Partner and third party access = “unmanaged”?
- Separation of infrastructure – web, servers, etc. for PSN data
- Windows XP... a case of bad timing
- More disclosures?
- NEED FOR COLLABORATION in 2014?

7 Questions needing answers?
- Is the PSN approach tenable for Councils?
- Will this ultimately limit the usefulness and adoption of PSN?
- Do we know where the future pressures will be?
- What are the costs? Who bears them? And is it worth it?
- Should Councils collaborate on “long term” compliance work?
- Will this mean IT is back in the role of “Information Preventor”?
- Lobby and/or comply?
- Strategic response – Segment and separate to allow unmanaged? 100% managed? Which strategy should you adopt?
