Before any organisation can be connected to PSN or use it to receive PSN Services, it must be accredited and achieve PSN Compliance. To be compliant, all organisational users must sign a Personal Commitment Statement to indicate their agreement to abide by the security requirements of the PSN Code of Connection. NETconsent is proven technology chosen by 20% of Public Sector bodies to manage and report on this requirement.
NETconsent facilitates PSN compliance through:
Electronic acceptance of policies at logon – the most practical, reliable, and cost-effective method of ensuring that all users have read and positively accepted the Acceptable Use Policy and PSN Code of Connection, along with other related policies.
Recording information about when a user accepted or declined a policy – so there is no ambiguity over policy version control.
Providing proof of job function awareness – by testing understanding, which also identifies knowledge gaps, enabling risk mitigation.
Reports that show users yet to sign up to policies – without the administration burden associated with more traditional record keeping.
Real-time management reports – that show overall levels of compliance crucial for maintaining access to PSN services.
NETconsent provides a practical and sustainable approach to policy management for PSN Code of Connection.
Requirements of PSN
Challenges of PSN
The security controls laid out relate to the organisational policies and procedures people must follow, and the physical security of each organisation’s infrastructure. Section 2 of the Code of Connection concerns user education relevant to job function for all employees, contractors, and third parties.
Organisations must be able to provide proof that users have positively confirmed their acceptance of the Acceptable Use Policy (AUP) before access to information or PSN services can be granted.
PSN compliance is not just about putting technology controls in place. Most data breaches are a result of human behaviour. Effective communication of policies and procedures, which instils best practice amongst staff and contractors, is central to remaining PSN compliant.
Although the way in which the AUP is implemented is entirely at each organisation’s discretion, it is essential that all users of the PSN are fully aware of their responsibilities.
PSN is a secure electronic communications channel to share restricted and personal sensitive information between local authorities, central government, and the wider public sector. Following a series of high-profile data breaches within the public sector, PSN has become the preferred method of data exchange by Government departments, such as the Department for Work & Pensions (DWP).