Part of Data Security Standard 9 - IT protection
Perimeter defence (9.3.6, 9.4.1)
You should have a suitable perimeter defence, such as a next generation firewall, as described in the HSCN perimeter security guide.
The National Cyber Security Centre provides guidelines on network perimeter defence.
If you are an NHS body, we recommend you consider the NHS Secure boundary solution.
Transport Layer Security (TLS)
Transport Layer Security (TLS) is used in client-server communication. A well-configured TLS deployment ensures that no third party can eavesdrop on or tamper with any message.
"Well configured" means that it follows the National Cyber Security Centre requirements on ciphers and certificates, for example those for Opportunistic TLS used in mail. The version used should be 1.2 or 1.3 (1.3 being the newest at the time of writing).
Everything has a shelf life
Over time, security measures and controls can become less effective. Static security measures are not like a fine wine; they generally don't get better with age.
That insightful and cutting-edge security induction can soon date, your policies may reflect obsolete advice such as the use of strong passwords, and that market-leading proxy server you purchased several years ago may now only be receiving minimal updates.
To know how effective your security measures and controls are, it is important to know what and where they are. Therefore, an inventory view of your security posture can be useful.
How you choose to validate your controls and measures is not mandated, and the validation would probably come from a variety of sources, given that it covers all your network and information systems.
Last edited: 1 September 2022 3:54 pm