Infrastructure > PSN

PSN community digests confirmation from GDS that PSN has no future

David Bicknell Published 23 January 2017

GDS blog indicates government conclusion that “the Internet is OK”, which means "a journey away from the PSN"

 

The Public Services Network (PSN) community has signalled its concern after the Government Digital Service (GDS) finally signalled that PSN has no long term future under its watch, a conclusion that many already suspected.

PSN had previously been defined as “the government’s high-performance network, which helps public sector organisations work together, reduce duplication and share resources.”

But in a blogpost , James Stewart, GDS’ director of technical architecture & head of technology, said that at a recent meeting of the government’s Technology Leaders Network “it was clear that everyone agreed we could just use the internet.”

He said, “For the vast majority of the work that the public sector does, the internet is ok. We’ve got some advice in our network principles.

“We’ll often need to deploy…security measures, along with a host of other measures to ensure basic application-level security, but…we increasingly need to do that even when services are on the PSN. This then opens up the question of whether the extra layer of complexity is really helpful.

“So that means we’re on a journey away from the PSN.”

Stewart added, “When different parts of the public sector share services and exchange data it’s important that we can rely on the basic security of each other’s technology, and that the data will maintain its integrity as it moves around. It is an important part of ensuring that there’s a clear layer of trust between everyone involved in the interaction.

“For the past few years a lot of government (and wider public sector) services have relied on the Public Services Network  to provide assurance of that IT security. As a high-performance network operated by multiple vendors, the PSN provides assured connections for a wide range of public sector organisations.

“As we move more and more of our systems to public cloud services the expectation that we’ll communicate over the PSN can cause confusion and adds complexity for public sector organisations and our suppliers.”

Responding on behalf of industry association Innopsis, Des Ward, the organisation’s director of information governance said, "We support what technology leaders are saying in that the security required is available in fixed networks and the internet. However, the issue is about resilience. If public sector bodies rely purely on the Internet they could have a very secure service, but what happens when that service isn’t available?

“How then do we ensure that the provision of vital public services is always available? Suppliers need a framework whereby they know how to operate together to provide this end to end assurance. Industry needs to ensure that connectivity services used by the public sector are as reliable as possible. There is balance to be struck by learning from the service assurance created by PSN and making sure we deliver a more cost effective and flexible model.

“A great example of how PSN has evolved successfully is the Health and Social Care Network (HSCN). It recognises that actually you can use any form of transport you want, including the internet, but all providers offering services to the NHS are signed up to an Obligations Framework,” he added.

“Innopsis is currently working with industry leaders to reconsider how the public sector’s digital infrastructure will best meet the challenges of the next decade. We will be holding an event in London in March this year, including senior spokespeople from government bodies and industry, to discuss the future of public sector networks and infrastructure."

While some PSN supporters appeared to be responding as positively as they could through gritted teeth, others were less restrained.

One networking specialist said, “GDS have been saying this for years. I think they are wrong this time. What we should do is evolve the PSN structure to support a cloud first strategy bringing security and other value added features.

“GDS has been lukewarm and everything has to be on their terms. They’ve lost their way at the moment and announcing key policy changes in blogs is so annoying.”

One suggestion that has been mooted is the creation of an integrated network for the public sector, though it is too early as yet for too much detail on the idea.

In his blog, Stewart pointed out that a move away from PSN is not going to happen immediately.

“Organisations that need to access services that are only available on the PSN will still need to connect to it for the time being. They’ll need to continue to meet its assurance requirements, and in fact they should make use of the practices that covers when reviewing all their core IT.

“But from today, new services should be made available on the internet and secured appropriately using the best available standards-based approaches. When we’re updating or changing services, we should take the opportunity to move them to the internet.

Stewart admitted that there remains a “bit of work” to do across the public sector to prepare for the changes adding that “we’re not quite ready to provide a full timeline.”

He said, “My colleague Mark Smith, Head of PSN, has been working with data scientists in GDS and the National Cyber Security Centre (NCSC) to prototype other ways of providing assurance data that will help organisations establish trust. He’ll introduce that soon in a blog post and is doing some deeper discovery work to ensure we have great options for organisations to verify that their networks meet a set of basic standards.

“GDS, NCSC and Crown Commercial Service (CCS) will be working together to ensure that as we update the ways in which we buy network services we have the widest possible range of suppliers and the right options to make sure we get the highest quality connections.

“We’ll be working with the Tech Leaders Network and the wider PSN community to ensure that common issues are clearly identified and that wherever possible we work together to provide common solutions.

“We’ll also be working with colleagues in the Cyber and Government Security Directorate and others across the public sector to make sure that we are able to collaborate on upgrading older systems that need new protections and share good practices. That’s a clear part of the National Cyber Security Strategy and this move just adds some more focus to plans already underway.”

Related articles:

Mark Smith gets nod as new head of PSN








We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.