What is it?

PSN is the trusted, shared infrastructure that connects increasing numbers of organisations delivering public services to each other and to cloud based and hosted services they can use or share. Developed in 2011, after the Cabinet Office asked Industry to design an inclusive eco-system, the PSN was based on common Enterprise standards including performance and service, it’s made up of inter-connected commercial networks from many competing suppliers, so ensuring best value.

Why is it trusted?

To create the right environment for public service providers to share information and services, trust must be established between organisations. The annual PSN compliance process does this by ensuring that both suppliers and customer adhere to appropriate standards including security and technical interoperability. Using existing good practice and standard commercial services wherever possible, this approach creates ‘good and safe’ place for the PSN community to do business at least cost. This way, trust can be established  without direct contracts and previous experience.

How secure is PSN?

PSN provides an Assured Wide Area Network (WAN) suitable for using with information classified as Official (or Protect/IL2 in old terms). All services certified as PSN compliant are pre-accredited to ensure this and so cover the great majority of government requirements. Where information is classified as Official-Sensitive (similar to the old term  Restricted/IL3), then PSN can also meet this need with Protected WAN overlay services, using common agreed encryption or connectivity utilising  the Inter Provider Encryption Domain (IPED).

What’s the objective?

PSN aims to save the Public Sector money by better utilisation of conectivity and a greater choice of consumption and services and enable more efficient and joined-up public services. The initial aim was to provide a demonstrable £500m a year savings. This was achieved in 2013, according to HM Treasury.

What’s the benefit?

PSN saves money straight away by helping consolidate multiple networks, doing away with duplicate connections to other organisations, allowing the purchase of standardised, rather than bespoke services and promoting open and dynamic competition between suppliers.

Most importantly, PSN enables much larger benefits by providing the conduit for shared services, better collaboration and greater efficiency; transforming the way public services are delivered. Digital delivery to the citizen means that the public services ‘supply chain’ of processes, applications and information must be seamless and online too. PSN provides the trusted means to do this across departments, agencies and authorities.

How do I know if a service is ‘PSN’?

Before any supplier’s service can be connected to PSN it must be certified as complying with the relevant PSN standards. PSN compliant services can provide network connectivity plus a wide range of applications including voice, video, conferencing, collaboration, hosting, mail and many others. You can find a list of compliant services and those undergoing certification on the PSN website.
If in doubt, ask your supplier for the PSN compliance certificate for their service.

What about the PSN Frameworks?

Two procurement frameworks were let by the Crown Commercial Service in 2012, covering network connectivity (PSN-Connectivity) and a range of network services (PSN-Services). Although called ‘PSN’, the frameworks include both compliant and non-compliant services. To be clear, a PSN compliant service can be bought through any legitimate procurement mechanism and not solely through the PSN frameworks. Likewise, a listing on the PSN frameworks does not itself mean that a service is PSN compliant. Although extended into 2016, the PSN frameworks are due to be replaced with a new framework in 2015 called Network Services Framework which will list services that are PSN Compliant as an attribute, so removing any confusion between frameworks and compliance.

How do I connect to PSN?

Before connection to PSN as a user, you need to have PSN Compliance. This certifies that your network environment meets the basic requirements to connect to PSN, and ensure that you’re able to share and consume services across the PSN community. Find out more about becoming a customer from the PSN website. You also need to acquire a certified PSN connectivity service, whether that’s a complete WAN or just a single connection into PSN.

How do I make a service available on the PSN?

Any organisation, commercial, public or voluntary, can make services available to consume on PSN. Think of PSN as a ‘wire frame’ connecting hundreds of organisations on which shared services from communications to line of business or critical support applications can be hung. Doing this generally means gaining appropriate PSN certification as a service provider for each individual service before it can be connected to PSN.

More guidance on how to become a service provider is on the PSN website. Innopsis as the industry association for all PSN suppliers provides invaluable support from compliance workshops, networking and information to regular meetings with key stakeholders. PSN services can be sold through any legitimate procurement mechanism including the Digital Marketplace.

What’s the market for PSN services?

There’s a dynamic and open marketplace for PSN network connectivity and services, with many suppliers competing through the PSN frameworks, G-Cloud and other commercial routes. It is estimated that approaching £500m has been spent to date through the PSN frameworks and on PSN compliant services through other channels.  Innopsis is expanding with around 60 members, at least 50% of whom are SMEs entering the growing PSN market.

PSN General Documents and Technical Standards

Ever wondered what a vPoC is? Where does a PoI fit in? What exactly a DNSP is? What is PSN? What documents are in the overalll PSN Standards? The answers are here.

The core of the PSN Operating Model is the Technical Design Document (TDD). This describes the minimal technical standards of PSN Services.

To view or download the documents, please click here

Service Management Framework

In an environment where end to end service may be dependent on suppliers or other consumers who are uncontracted, there has to be a set of rules to obey, a way or working and a common vocabulary that all can understand. There needs to be an agreed ‘way of doing things’, otherwise there will be chaos. This does not have to be difficult or onerous, just following common sense practice.

The Service Management Framework decribes how PSN runs, day to day. For details of the documentation, please click here

Compliance

How does a Supplier or consumer know that any services connected or connecting meet the agreed standards? Compliance provides a short cut to experience. Services and Customer Environments that meet the conditions described in the PSN Operating Model, and can be backed up by verification, also a rapid trust environment to be established.

How is this done? The PSN Compliance documentation provides the information.

To see the documentation, please click here

What to expect from the UK’s new health secretary

What to expect from the UK’s new health secretary

Taking over as health secretary during a pandemic was never going to be a walk in the park, but the public health crisis is only one among several daunting tasks awaiting Sajid Javid in his new post.

Javid was announced as the U.K.’s new health secretary on Saturday, after his predecessor Matt Hancock quit when a video of him kissing an aide and breaching coronavirus restrictions in the process emerged.

The former banker is no stranger to taking on big jobs, having previously served in a host of major Cabinet roles including home secretary and, most recently, a short stint as chancellor. But there is enough awaiting the new health secretary in his in-tray to strike fear into the heart of even the most seasoned political operative.

This is what the high street of the future will look like

This is what the high street of the future will look like

John Timpson knows a thing or two about the high street. The chairman of the UK shoe-repair chain that bears his family name was, after all, entrusted to lead a 2018 government review into what the future UK high street would look like.

Though at one time he envisaged a future where the number of shops in British town centres would have halved, he could never have imagined how quickly that revolution would come. The impact of the pandemic on our towns and cities has, he says, been seismic: “What we have seen is ten years of change on the high street all in one go, but it’s been all the negatives, without any positives,” he explains.

Adopting a risk-based approach to government security

Adopting a risk-based approach to government security

The SolarWinds hack of the software supply chain, as well as the recent ransomware attack against Colonial Pipeline, the critical energy infrastructure company, has elevated the importance of governments adopting a risk-based approach to cybersecurity.
Not long after disclosing the SolarWinds attack, the United States Cybersecurity and Infrastructure Security Agency (CISA) announced its Systemic Cyber Risk Reduction Venture. This is an effort to develop actionable metrics and quantify cybersecurity risk across the US’s critical infrastructure sectors, focusing on the relationship between threat, vulnerability, and consequence.

Shortly after this, the UK’s National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize the impact on them and their customers. Using tools such as the Cyber Information Sharing Programme (CiSP), they shared technical information on assessing if an organization was at risk and what actions they should take if they were. The industry and government initiative allowed UK organizations to share cyber threat information in a secure and confidential environment, providing organizations the ability to detect early warning of cyber threats and access to free network monitoring reports tailored to organizations’ requirements.

BT Sign OneWeb Deal to Tackle UK Rural Broadband Slow Spots

BT Sign OneWeb Deal to Tackle UK Rural Broadband Slow Spots

UK ISP BT and satellite operator OneWeb, which is partly owned by the UK government, have reached an agreement that will see the two working together to bring ultrafast low-latency broadband speeds to some of the hardest to reach rural parts of the country, where even their £5bn Project Gigabit programme would struggle to go.

At present OneWeb has launched a total of 218 small Low Earth Orbit (LEO) satellites into space, with another 36 set to join those on 1st July 2021, and the initial plan is to build a constellation of 648 satellites, which is enough for a reasonable level of global coverage by around the end of 2022.

How can businesses manage GDPR’s ‘Terrible Threes’?

How can businesses manage GDPR’s ‘Terrible Threes’?

GDPR is a ‘threenager’ this year, and despite battling through the terrible twos many organizations are still struggling to protect their data. Last year alone, the UK had the second-highest total value of GDPR fines across the EU, with companies paying £39.7m in total. And, at the start of the year, figures indicated that GDPR fines had reached a staggering £245m.
The risk of fines are, however, not confined to GDPR. Currently, there are 128 countries with data protection and privacy legislation — including CCPA, CCPA, PSD2, GLBA and a whole host of other acronyms.

At the same time, the business landscape has changed considerably in the last three years – cue obligatory mention of Brexit and COVID-19. To complicate the data protection challenge, the legislation itself could not have anticipated the fast-track adoption of technologies or the accelerated shift to cloud computing caused by the pandemic. A risk compounded by an unprecedented uptick of remote working and employees using home devices, and networks, that are almost certainly less secure than those found in the corporate environment.

These are not new concerns when it comes to data management and protection but the issue is that few businesses were prepared for how quickly things escalated. After all, many were focused on digital transformation to simply keep their business going so security in the design of new systems and processes was often neglected, albeit not through choice. The good news is valuable lessons have been learnt, particularly when it comes to protecting and managing data to ensure compliance. And through talking with many of our own customers, we can share a few.

To end cyberterrorism, the government should extend a hand to the private sector

To end cyberterrorism, the government should extend a hand to the private sector

It is said that the best way to lose the next war is to keep fighting the last one. The citadels of the medieval ages were an effective defense until gunpowder and cannons changed siege warfare forever. Battlefield superiority based on raw troop numbers ceded to the power of artillery and the machine gun.

During World War I, tanks were the innovation that literally rolled over fortifications built using 19th-century technology. Throughout military history, innovators enjoyed the spoils of war while those who took too long to adapt were left crushed and defeated.

Virgin Media Ireland for sale

Virgin Media Ireland for sale

Liberty Global is likely to put its Virgin Media television and broadband business in Ireland up for sale. The Irish business was left out of the recently completed £31 billion merger of Virgin Media with O2. The main cable television provider in Ireland, Virgin Media Ireland also owns TV3 Group, the only commercial television broadcaster in the country, which was rebranded Virgin Media Television. With 438,000 fixed-line customers, the business could be worth up to €2 billion.

Previously trading as Chorus NTL and UPC Ireland, the Irish operation was rebranded Virgin Media Ireland in 2015.

The Irish cable network passes 948,000 homes, with 319,000 subscribing to its television service and 388,000 taking broadband, giving it a total of 438,000 fixed-line customers. It also has a modest 122,000 mobile subscribers, operating as a mobile virtual network operator on infrastructure from Three.

Virgin Media in the United Kingdom is now owned by Virgin Media O2, an equal venture between Liberty Global and the Spanish telecoms group Telefónica. The $31 billion merger completed on 1 June 2021, following clearance by the Competition and Markets Authority.

Study Examines Capabilities of LEO Satellite Broadband Networks

Study Examines Capabilities of LEO Satellite Broadband Networks

Researchers at MIT’s Department of Aeronautics and Astronautics have tried to compare the estimated global data capacity of the four largest Low Earth Orbit (LEO) based ultrafast broadband satellite constellations – SpaceX (Starlink), Telesat, OneWeb, and Amazon (Kuiper). Interestingly, they end up closer than you might think.

We should point out that each network is at a different stage of development (e.g. Telesat and Amazon are still a fair way from commercial service) and the technologies they use, as well as the ground stations, are constantly evolving and expanding. As a result, the MIT study should be seen more as a ‘current’ estimate of each network’s expected throughput, or global data capacity, based on their technical specifications as reported to the FCC.

Likewise, the research doesn’t really consider the commercial model for each network, as well as how network throughput may vary between countries or how much network contention may be applied per user. As such, the report is only able to give a very general global overview of capacity, which is interesting if perhaps not as relevant for understanding future service impacts for consumers in specific countries.

A Big Touch of Technology in the UK Correctional System

A Big Touch of Technology in the UK Correctional System

Her Majesty’s Prison and Probation Service (HMPPS) has a vital role in overseeing correctional services in the UK. The organisation sits under the Ministry of Justice’s (MoJ) responsibility, but usually has its own ICT objectives and challenges to tackle. On 15th June 2021, HMPPS published its Digital, Data and Technology Strategy for 2021-2022, including a long term vision on what it expects to be implementing up to 2024.

In this article we will highlight the most important developments on HMPPS’s pipeline and some of the implications of these projects to the development of the correctional system in the UK.

Will SASE Mark the End of the Network as We Know It?

Will SASE Mark the End of the Network as We Know It?

Secure Access Service Edge (SASE), the increasingly popular framework that transforms security and network connectivity technologies into a single cloud-delivered platform, promises to revolutionize wide-area networking to the extent that it will soon eradicate conventional SD-WAN technology.

Kate Adam, senior director of security products at Juniper Networks, said that network leaders shouldn’t view SASE as the end of the network as it’s currently known, but as a “natural evolution in network technology, one that makes it more scalable and extensible by leveraging the public cloud global infrastructure.”

Arthur Iinuma, president of ISBX, an app development firm serving clients including Apple, Nike, L’Oreal, Warner Brothers, Lexus, and Red Bull, observed that SASE offers a cloud-based edge computing solution that gives distributed workforces secure network access. “With an increasingly remote, highly mobile workforce, this solution is needed now more than ever,” he stated.

Multiple benefits

SASE offers an entirely new network architecture that brings applications closer to end-users worldwide, as well as providing secure access. “Connectivity and security services that were previously delivered from a ‘heavy branch’ are moving to a thin branch, cloud-delivered model where networking and security come together,” Adam said. “This [approach] simplifies network and security architecture and promotes a threat-aware network with access and security policies that follow users wherever they go.”