We are working closely with our hosting providers to take a holistic approach to network security, ensuring that it is integrated into our solutions right from the start. As part of the hardware expansion, Preventx are migrating all hosting and database infrastructure to a new hosting provider selected for their extensive experience with NHS services (including N3 and HSCN connectivity).
A network plan has been developed which will ensure connectivity to HSCN services as they go live. This process has been more complex as - unlike most NHS services - our solution requires security of both internet facing and internal networks; furthermore, the nature of services offered requires a high level of integration between the different layers. As an example, an on-site secure LAN at Preventx’s Sheffield site (which networks analysers, kit dispatch systems, etc.) will be connected directly to hosted services via a dedicated line into the building. Unlike other solutions (such as VPN links to N3), this ensures Preventx’s internally secure network does not pass data over the internet or HSCN in order to integrate with remote systems.
The new internet facing portal developed for this service is subjected to external, accredited penetration testing at both infrastructure and application layers.
By default, the clinic facing portal only allows those connecting from N3/HSCN networks to login and Two-factor authentication is required for all users. This requires users to submit two separate pieces of evidence of their identity before having access to the system. A full audit trail of logins and access to service user records is recorded, should this need to be investigated.