To use services on the UK Public Sector Network (PSN), or to provide services to customers that are connected to it, public sector organisations need a valid PSN compliance certificate. You must use information in the correct way when you are connected to the PSN to keep it a safe place for public service organisations to share information and services.
Red Olive and 360Suite recently hosted a webinar with advice for public sector organisations on how to meet the PSN criteria while maintaining a secure and compliant SAP Business Objects environment. The webinar also helps with the General Data Protection Regulation (GDPR) and other requirements in the context of SAP BusinessObjects, giving some specific examples about Universities and Colleges Admissions Service (UCAS) data.
David Searro, Client Director at Red Olive, says: “Central Government, local government, further and higher education establishments, care homes, private healthcare companies and housing associations all need to ensure they comply with PSN. With 360 Suite and using Red Olive methodology, we have a solution that monitors data vulnerability both externally and from an internal viewpoint too, particularly where issues may crop up from upgrading versions.”
PSN Compliance Process
Before connecting to the PSN, your organisation needs to pass the PSN compliance process. When you achieve compliance, you demonstrate to the Government that your infrastructure is sufficiently secure and that its connection to the PSN would not present a risk to the security of the network.
There are a number of Information Assurance (IA) requirements, which have been designed to provide an achievable baseline for security. Users also need to make a number of commitments about their working processes to maintain the ongoing security of the PSN.
The compliance process for obtaining a PSN connection certificate focuses on connecting a specific, predefined infrastructure to the PSN. The same process is used if you want your entire organisation or just part of it to be able to access the PSN.
An infrastructure is defined as ‘the situation from which PSN network traffic can be sent or accessed. This encompasses the networks, systems, hardware, processes and staff that will have direct and unmediated access to the PSN’.
In the Red Olive and 360Suite webinar, there is advice for public sector organisations, and educational establishments on compliance, General Data Protection Regulation (GDPR) and other requirements in the context of SAP BusinessObjects.
Topics covered include:
- Engaging in regular monitoring for vulnerability alerts and systematic and regular patching of all aspects of an ICT system’ as required by PSN
- Securing student data, including during annual UCAS embargo periods
- Understanding the source, purpose, and location of personal data to protect EU subjects in accordance with GDPR
- Maintaining a robust disaster recovery plan that enables the quick and easy recovery of any and all data, including data that was modified after the last full backup.
Click here to view the webinar recording in English. If you have any questions about any of the topics raised or would like to know more about how Red Olive or 360Suite can help you, email us at firstname.lastname@example.org or call +44 1256 83 11 00.