Cyber Scotland Week - Perimeter
Date: 2 March 2023
We have designed, developed and built a strong perimeter defence over time, and you can think of this as being similar to School Place. Just as how you need a special key (your tag) to get into the office - and if you're not wearing your ID, you could be challenged - our perimeter is built on the same principle. Nothing can get directly in or out, and everything is checked to see whether it's malicious or normal network traffic.
To do this we use devices called “smart firewalls” that are capable of analysing data. Between these firewalls we use devices that stop the data, check it and forward it (either in or out) if it's normal. The one you're probably most familiar with is our web proxy, this checks the sites you visit against a list of blocked sites and either allows you to see the site or gives you a message to say it's blocked.
In addition to the firewalls and proxy, we check who you are with the usual username and password combination, and if you're coming from outside the council's network you may also get an authenticator challenge (this is called multi factor authentication or MFA) which could be a text message that you receive, a phone call, or the Authenticator app on your mobile phone. This adds an additional layer of confirmation that you are who you say you are, to reduce the risk that a compromised password allows a hacker access to the network.
We also authenticate the device that you're using and check that it's up to date and fit to be using the network. If you're working from home or away on business, we connect you using a technology called a virtual private network (VPN) that uses strong encryption between your workstation and the council network to protect the information and communications you're working with. You can think of this as being a secure envelope that no-one can open, so the information inside is kept private.
We apply similar strong control mechanisms to our Microsoft 365 system - perimeters aren't only around the council systems in School Place.
Once you are logged in, we limit what you can see to the information you need to do your job, and everything is checked for malware by both servers and your workstations.
Together, all these systems add protection to the information we hold on behalf of the public - this security mechanism is known as defence in depth.
We also collaborate with the other Scottish Local Authorities and the National Cyber Security Centre (NCSC) to share information about potential threats and security issues, and we monitor specialist platforms for threat intelligence. When we send out an email to warn you about a potential risk, it's usually because something has been identified using the cyber intelligence networks.
Last, but never least, we also benefit from the security provided by you to report anything suspicious or any mistakes that may have been made. Security begins with the people that use the systems, and we hugely appreciate all of the caution, care and calls to the helpdesk that comes from our colleagues.
-
Category:
- Community