Skip to main content

Zero Trust Architecture in MoJ Network Services

Posted by: , Posted on: - Categories: digital strategy, Our services, Zero Trust Architecture

There is a new buzzword, Zero Trust (ZT), that is cropping up at every cyber conference and there are streams of online publications referencing its approach. While the concept has existed for a decade, it has gained a lot more traction lately.  If you’re interested in understanding what it means and how we’re approaching it at the Ministry of Justice, (and how to stay protected) then read on!

In essence, ZT is a technique in cybersecurity where inherent trust in the network is removed and user identity is continuously revalidated at each stage of a digital interaction rather than, for example, permitting access to users based on which network they are connected to. But why is this necessary? 

A good analogy that I heard lately that demonstrates the problems that ZT addresses discusses security in airports.  It is accepted practice that we must validate our identity at various stages when travelling through an airport – at check-in, the security gates, potentially when buying duty-free, and again when boarding the plane. Just because we’ve verified our identity at the check-in does not mean that our identity doesn’t need to be validated again as our access increases - in this case eventually onto the aircraft. Also, bear in mind that our luggage goes through a similar process once it leaves us at check-in.

A similar approach is needed across the Ministry of Justice estate. We maintain more than 800 live services and over 100,000 devices.  We support prisoners and members of the public as well as 86,000 internal colleagues operating across 13 organisations and 1,100 sites. As such, we need to ensure we have control over who has access to those systems no matter the situation, user, location, or access method. The same security checks should be applied irrespective of how users are accessing systems, whether that’s from a government building or when working remotely. 

ZT means we’re taking a holistic approach and implementing the same policies and controls across users, applications, and infrastructure to reduce risk and complexity while achieving organisational resilience. It’s not just the network, interactions also consist of identity, access, device/endpoints, and transactions.  

Why is Zero Trust Architecture Important to the MoJ?

Getting it wrong could have a significant impact. The services we provide underpin much of the justice system and what we do at an operational level has an impact on people's lives. It is imperative that we get cybersecurity right as it is integral to improving our approach to data protection, reducing overall threats, mitigating insider threats, and generally enhancing our overall security posture.

We must also adapt to the changing environment. Like most organisations we have been on a significant digital journey over the last few years. Since the pandemic, there has been a significant increase in the use of technology across all our services, from laptops in prison cells, remote parole, and court hearings to virtual prison visits, and a considerable increase in virtual and hybrid meetings.

Ensuring secure connections to services has been vital during this journey and has ensured our staff are able to do their jobs. But we’re not stopping there.  We are continuing that journey to cement our ZT approach, which is helping to deliver our Justice Digital Strategy, and ensure we are led by our users, data driven and flexible. Let me expand on these three themes:

  • Led by users - we are building systems and services around the people that use them, ensuring that staff have the right information at the right time to help them do their job. ZT provides a seamless and consistent user experience regardless of whether they're connecting from home or the office. Providing an exceptional user experience is the core of our focus. ZT enables this approach by providing whole system validation that authorizes users to access the correct information whether at home or in the office. It also ensures that sensitive information is not exposed via an untrusted user or endpoint
  • Driven by data - Our decision-making processes are driven by data, and data is fundamental to how we deliver our services.  As our strategy moves us towards deploying cloud-based Internet-facing applications, the ability to revalidate user and device credentials is critical.  We need to be aware of unusual behaviour patterns and respond dynamically to them which will be key to maintaining the level of security necessary to protect our services.    
  • Flexible – A ZT methodology enables flexible connectivity that supports enhanced rights management, endpoint hygiene and trusted communications. This ensures that the right data is delivered to the right user in a trustworthy and auditable manner.  It also supports us to take a flexible and agile approach, able to adapt to our changing environment.

What are we doing with Zero Trust? 

Our “Internet First” strategy and modern hybrid working practices inherently create the need to allow access to our services from more varied locations and device types.  This marks a transition from the traditional model where users were all connected to a corporate local area network and security was mainly focused on the network perimeter.  Embracing ZT allows us to move away from a model that focuses on the network perimeter, to a more dynamic world.  In this scenario, continued access is granted based on the analysis of user behaviour, network traffic, live security events and the revalidation of user identity.

By adopting ZT best practices, such as performing continual monitoring and analysis in conjunction with only allowing least privilege access, we will benefit from a security model that is far better suited to today’s digital landscape and our strategic ambitions.

It is a journey for us at MoJ. We can't move immediately to the full ZT vision because legacy stuff means that some stuff will need a degree of network-based trust for some time.We are currently in the process of moving from legacy products and solutions to next generation solutions on our journey to ZT. These solutions allow for far greater insight into user behaviour and the data that is flowing across our network. They also provide far more granular and more dynamic control over the access provided.  Migrating from a siloed logging and monitoring approach across technologies and environments to a centralised approach allows us to gain real-time visibility of what is happening in our environment.

The National Cyber Security Centre (NCSC) have established eight principles for ZT which cover:

    • Know your architecture, including users, devices, services and data.
    • Know your User, Service and Device identities.
    • Assess your user behaviour, device and service health.
    • Use policies to authorize requests.
    • Authenticate & Authorize everywhere.
    • Focus your monitoring on users, devices and services.
    • Don't trust any network, including your own.
    • Choose services designed for zero trust.

Our Take Away

Taking a ZT approach provides the foundations for a secure digital environment, allowing the realisation of the principles of GovAssure and the Cyber Assessment Framework (CAF). All organisations have an ongoing cyber journey, and our mission is to provide simpler, faster, and better services to all our users. 

Sharing and comments

Share this page

Leave a comment

We only ask for your email address so we know you're a real person

By submitting a comment you understand it may be published on this public website. Please read our privacy notice to see how the GOV.UK blogging platform handles your information.