Skip to main content

Part of Data Security Standard 6 - Responding to incidents

Blocking web malicious content (6.2.5)

Previous Chapter

Always on, always connected, always up to date (6.2.3 - 6.2.4)

Current Chapter

Current chapter – Blocking web malicious content (6.2.5)

View all

Next Chapter

Email server software (6.2.6 - 6.2.9)

There should be a mechanism to scan and block malicious content on web pages. This can be at the network level with internet traffic going through a web proxy, utilising the NCSC’s Protective DNS (PDNS) service which blocks malicious domains or through your own blacklisting.

Using the NHS Secure Boundary solution which implements both of these measures is recommended for NHS organisations.

Alternatively blocking can occur at the browser level with an add on that blocks malicious content in the browser. This is generally the least favoured option in all but the smallest of organisations due to its general lack of central management.

Last edited: 26 September 2022 1:00 pm

Previous Chapter

Always on, always connected, always up to date (6.2.3 - 6.2.4)

Next Chapter

Email server software (6.2.6 - 6.2.9)

Chapters

  1. Data Security Standard 6 - Responding to incidents
  2. Incident reporting (6.1.1)
  3. The incident reporting system (6.1.1)
  4. Incident management system (6.1.1)
  5. An informed and empowered audience (6.1.1)
  6. Notifying local leaders, national bodies and individuals of a data breach (6.1.2, 6.1.3)
  7. End point anti-virus (6.2.1 - 6.2.9)
  8. Always on, always connected, always up to date (6.2.3 - 6.2.4)
  9. Blocking web malicious content (6.2.5)
  10. Email server software (6.2.6 - 6.2.9)
  11. Acting upon known vulnerabilities (6.3.1 - 6.3.5)
  12. NHS Cyber Alerts Service (6.3.2)
  13. Repeat data security incidents (6.3.5)
  14. Monitoring (6.3.4)
  15. Fraud (6.3.4)