Non-Health
Service organisation wishing to connect to the
NHSnet, must first undertake an NHSnet Connection
Audit.
Once
the Audit has taken place and any remedial recommendations
implemented, a secure solution needs to be designed.
The Audit and the Design will be taken together
to form a Submission to the NHSnet Information
Authority Security Board in order to seek their
approval. Only when Security Board pproval has
been granted can a Code of Connection be applied
for.
The
design (and new security regime) must be conformant
with the NHS Information Authority's security
policies, which encompass BS7799 standards for
information security. These dictate that the following
elements be considered within the design submissions:
security policies, network connections, network
security (including ITSEC E3 or EAL4 approved
firewalls), strong authentication, CLI identification,
information categorisation and intrusion detection.
As
information security specialists with considerable
experience of the NHSnet, Codes of Connection
and BS7799, Hytec is ideally suited to design
secure solutions for third party connection to
the NHSnet.
As
part of a remote managed service, Hytec is now
responsible for the security management of Securicor
Distribution's web hosting environment ......
