Text Size: A | A | A

All news

PSBA Collateral - Security Overview - 26th July 2010

PSBA Collateral - Security Overview - 26th July 2010

PSBA has a range of collateral that provides an overview of PSBA, it's history, benefits, how PSBA addresses the Public Sector needs, an overview of PSBA services and a case study on Countryside Council for Wales, the first non-founder partner of PSBA. Below is a new piece of collateral to add to this growing list.


Security Overview English | Welsh

Information Assurance (IA) - Designed into The PSBA Network
The Public Sector is under increasing pressure to handle information, especially that of a personal nature, more securely. The damage caused to citizens and businesses, and to the reputation of the organisation when information is lost or mishandled is more sharply focussed.

“This office would consider reliable messaging via secure networks, to be preferential to the use of removable media storage devices for the purpose of information sharing”
The Information Commissioner’s Office.

Information Assurance at its heart.
The PSBA Network offers unrivalled security capabilities, with Information Assurance designed in from the outset.

The PSBA Network supplier, Logicalis UK, employs an independent organisation specialising in IA compliance and certification of public sector ICT systems. This team of CLAS (CESG Listed Advisor Scheme) consultants advises Logicalis and ensures the PSBA Network meets the current standards for IA.

CESG, the Communications Electronic Security Group, is recognised as the UK national authority on IA. It advises the Welsh Assembly Government on the IA status of the PSBA network, ensuring that the network design, build and operation complies with the rapidly changing IA policy and standards set out by the Cabinet Office’s Central Sponsor for Information Assurance (CSIA).

Confidentiality, Integrity and Availability
The technical architecture of the network has been designed and implemented to deliver separated virtual networks on a shared physical infrastructure. Each virtual network is created to meet the security needs of the user community, demanding separation for some functions but controlled connectivity to the internet and other services to allow for service delivery and interoperability. The security attributes of each environment are designed to meet the differing issues faced by the end users, using the measures defined in the accreditation process.

IA is not just about physical security, protecting the PSBA Network equipment against attack. For the PSBA Network, IA is all about how the Information Asset (customer data) is protected as it is transported over the network. As such, and following CESG guidelines, the Information Asset is transported without being open to eavesdropping, without being tampered with or altered and is available at all times.

The IA employed by the PSBA Network encompasses people, policies and procedures as well as locations and the technology itself. The PSBA Network IA framework takes all these aspects into account, and deploys a comprehensive range of IA and security measures, implemented in an approach fully endorsed by CESG.

IA Activities and Accomplishments
The PSBA Network is built to be capable of accreditation by information asset owners for transporting Information Assets up to the RESTRICTED level (as defined by HMG’s Protective Marking Scheme) and at CESG’s Impact Level (IL)3.

In order to offer a secure solution the current portfolio of IA measures includes: 

  •  All Logicalis, subcontractor employees and the PSBA team within the Welsh Assembly Government who work on the project are security cleared to the Baseline Personnel Security Standard (BPSS) level, allowing them to handle material of RESTRICTED and IL3 level.
  • Key members of staff in all organisations are cleared to the Security Check (SC) level, allowing handling of material up to the SECRET or IL5 level.
  • Logicalis, their staff, subcontractors, the procedures and processes used to deliver PSBA services and the network itself is certified to ISO27001:2005 the internationally recognised standard for an Information Security Management System (This applies to the whole of Logicalis UK AND the network).
  • The PSBA network is accredited by CESG to transport Information Assets at the RESTRICTED level between the 22 Welsh Unitary Authorities and the Department for Work and Pensions.
  • Solutions are available in order for the PSBA Network to transport Protectively Marked material at the CONFIDENTIAL or IL4 levels.