HSCN Internet connectivity is protected via the HSCN Advanced Network Monitoring (ANM) service, which inspects all Internet traffic from HSCN suppliers and instantly blocks any known malicious content. In addition, the service includes a new advanced threat detection capability designed to identify brand new or 'zero-day exploits'. It operates as a cloud-based service meaning all HSCN connectivity services benefit from the same high level of high-performance protection.
The HSCN Network Analytics Service (NAS) has been established to monitor the heartbeat of HSCN and identifies any new or anomalous behaviour on any part of HSCN. The service receives real-time feeds from HSCN connections, the ANM service and the Domain Naming Servers (DNS), proactively looking for anomalous behaviour. Any anomalous behaviour is alerted to the NHS Digital cyber security team who will investigate further.
Work is underway to adopt the National Cyber Security Centre Protective DNS service, which will block malicious websites in real-time, preventing people going to them in the first place.
NHS Digital CareCERT will contact HSCN customers about malicious activity and malware that HSCN identifies and will help resolve and prevent further cyber security incidents. CareCERT also provides a wealth of cyber security related guidance.
Despite the following central security capabilities outlined below, HSCN should not be considered a secure network. All connected organisations must risk assess their use of the HSCN and employ their own security controls to protect any data for which they are responsible. The HSCN will not automatically encrypt any data or guarantee the security of data or communications by default.
Further guidance can be found in the Data security knowledge library.