Download PDF version Contact company

ANSecurity, a specialist in advanced network and data security, has announced a successful project with Nottinghamshire Healthcare NHS Foundation Trust to move to the SHA-2 cryptographic standard to help strengthen its security posture.

With over 12,000 computing devices and 500 servers under its management, Nottinghamshire Healthcare has maintained an ongoing strategy to continually improve its security controls. Most of its systems are used internally and unconnected to the internet. However, increased use of BYOD and more interconnection has prompted the IT department to instigate a migration of its PKI infrastructure to the newer SHA-2 (Secure Hash Algorithm 2), a set of cryptographic hash functions that is widely used in security applications and protocols, including TLS and SSL, PGP, SSH, S/MIME, and IPsec.

ANSecurity helped the Trust to overcome the complexity of its legacy PKI, along with dependencies on existing services including mobile device onboarding and remote access control

Overcoming the complexity of legacy PKI

SHA-1 has been depreciated in terms of its security capability, however not all our applications or servers natively supported SHA-2 which meant we needed to consider the upgrade with the context of a wider application server upgrade,” explains Andy Spencer, System Team Leader for Nottinghamshire Healthcare, “It is a significant project that we felt could benefit from dedicated security expertise for which we turned to ANSecurity.

ANSecurity helped the Trust to overcome the complexity of its legacy PKI, along with dependencies on existing services including mobile device onboarding and remote access control. As Jason Parry, Network Security Architect for ANSecurity explains, “We discussed at length with Andy and his team the merits of several deployment scenarios to determine the best course of action. Next, we agreed a process with various business groups who consume PKI and once ratified completed our standard scope of works documentation with pre-requisites to streamline the deployment.

The entire migration project including legacy operating systems migration and remediation of weaknesses within the SHA-1 signatures took just 3 days

Improved security posture

The actual project was driven by the Nottinghamshire Healthcare’s IT department under guidance from ANSecurity to ensure high levels of knowledge transfer. The entire migration project including legacy operating systems migration and remediation of weaknesses within the SHA-1 signatures took just 3 days, leading to improved security posture without any disruption to its 24/7 operations.

Any organisations with a legacy windows PKI environment need to perform something similar,” Parry explains, “This may not require a wholesale replacement and in many cases, it might be applicable to perform a simpler migration to new servers along with an upgrade that renews existing PKI infrastructure.

ANSecurity have performed dozens of these projects over the last 24 months and has a significant number planned for the next year. “The NHS with its large number of legacy systems is a sector that is rapidly moving to SHA-2,” says Parry. “Busy IT staff that may have overlooked these types of projects due to the complexity of legacy applications servers should not be overly concerned as the process for migration is relatively straightforward and uses a well understood process.

Download PDF version Download PDF version

In case you missed it

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Protect assets with BCD's hybrid cloud NVR solutions
Protect assets with BCD's hybrid cloud NVR solutions

Like any retail franchise, car dealerships that have multiple locations nationwide require comprehensive, reliable, and scalable video surveillance solutions to protect their busin...

Quick poll
What is the most significant challenge facing smart building security today?