Enhancing Security with Multi-Factor Authentication for NHS Mail Users
Multi-Factor Authentication (MFA) is being enforced for all NHSmail accounts to safeguard patient data and prevent cyber-attacks. Understand the benefits, importance, and steps to enroll in MFA to enhance security measures. Protecting sensitive information is crucial in the digital age to ensure patient safety and maintain the NHS reputation.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
BOB ICB BOB ICB ROLL OUT OF ROLL OUT OF MULTI- -FACTOR AUTHENTICATION FACTOR AUTHENTICATION TO NHS MAIL USERS TO NHS MAIL USERS MULTI November 2023
Contents 1. 2. 3. 4. 5. 6. 7. What is MFA? Why MFA? Benefits of MFA? Enrolling for MFA Authentication methods Enforced Enrolment Resources and Support
WHAT IS MFA? WHAT IS MFA? What is MFA? Multi-Factor Authentication (MFA) is an additional security measure currently being implemented across all NHSmail accounts. The authentication process will be required when you log in to your emails via the web browser. Everyone is required to enrol, even if they never use web-based email. Multi-Factor Authentication helps protect users by making it more difficult for someone else to sign in to their NHSmail account. It uses two different forms of identity: the user s password, and a contact method.
WHY MFA? WHY MFA? Why is MFA important to the NHS? Cyber-attacks on electronic health records and other systems pose a risk to patient privacy because hackers could access sensitive information, potentially causing harm to patient safety and care delivery. Hackers can use ransomware viruses to hold medical records or devices hostage, risking your access to vital tools and information. Cyber security failure ranks among the top-10 risks that have worsened since the start of the COVID-19 crisis in 2020, ransomware attacks increased by 435% Up to 80% of data breaches can be prevented by simple actions like enabling MFA Over 93% of healthcare organisations experienced a data breach from 2017 to 2020 More than 99.9% of accounts compromised by cyber-attacks can be blocked by using MFA
BENEFITS OF MFA BENEFITS OF MFA What are the benefits of MFA? Keeps any patient data in a more protected environment Makes it harder for hackers to steal your information Helps protect the NHS reputation Provides increased protection against cyber attacks Checks if an attempt is made to access your account from an unusual location or device
ENROLLING FOR MFA ENROLLING FOR MFA Getting Started Everyone will need to enrol for Multi Authentication. This is because MFA is mandatory across the NHS, and from December 2023 all NHSmail accounts will have MFA enforced, so users will need to authenticate the next time they log into NHSmail via the web browser. User accounts created since 1stOctober, 2023 will already have MFA enabled by default. Shared accounts must not be enrolled, or accounts embedded in clinical systems, printers, scanners, copiers, etc. Get started now by deciding on the method you will use to authenticate.
AUTHENTICATION METHODS AUTHENTICATION METHODS Supported authentication methods There are three MFA options available: Authenticator App on your mobile phone (preferred method) Text to a designated number Call to a designated number, including dedicated (direct) landlines or soft phones It is recommended that NHSmail users register an alternative method of multi-factor authentication (MFA) for emergencies, such as an alternative mobile phone number or set up the Microsoft Authenticator app on another mobile device.
ENFORCED ENROLMENT ENFORCED ENROLMENT What happens if I don t self-enrol? During December 2023 NHSmail will commence enforcing MFA on user accounts. The enforcement will take place alphabetically by email address, so Aaron.Smith@nhs.net will be enrolled before Wayne.Smith@nhs.net. To access emails via the web browser after this enforcement, an additional method of authentication will be needed. To prevent any associated disruption, it is strongly recommended that NHSmail users self-enrol as soon as possible ahead of this enforcement.
RESOURCES AND SUPPORT RESOURCES AND SUPPORT To get started with MFA please follow this link: Getting Started with MFA NHSmail Support If you have any questions, please visit: MFA User Guides MFA Frequently Asked Questions (FAQs) You can also access resources here: SCW IT Training (scwcsu.nhs.uk) If you have any technical problems or require support to help set up MFA, then please telephone 0300 561 0550 or open a ticket via the Self-Service Portal - SCW Service Desk If you do not have a mobile phone, a dedicated landline or a soft phone, please email scwcsu.mfa-bob@nhs.net with a brief explanation of your concern and you will be contacted to discuss the matter. Please continue to contact the IT service desk for technical queries.
ADDITIONAL INFORMATION ADDITIONAL INFORMATION MFA is a mandatory requirement being implemented by NHS England and all user accounts for NHSmail will default to MFA enrolment from 1stApril 2024. New starters will default to enforced MFA enrolment from the date of entry of the new user to the ICB, therefore new starter processes within the ICB will need to account for this. Using multi-factor authentication on your personal device will not result in the collection, storage or tracking of any personally identifiable data. Personal mobile phone details are not used for any other purpose than protecting your account. Application accounts (those embedded in any systems such as EMIS, Docman, etc.) or those embedded in printers, scanners, copiers, etc., should not be enrolled to MFA. Generic mailboxes (e.g. TheMedicalCentre@nhs.net) are in scope of MFA, but shared mailboxes are not. The NHSmail Service Owner in SCW will identify these accounts and will be contacting owners of generic mailboxes directly to establish whether these are actually generic mailboxes, shared mailboxes or application accounts. If you re using the Microsoft Authenticator app as your authentication option, the push notification you receive on your phone to approve a sign in requires an internet connection. However, if you are using the app to access a one-time password code, an internet connection is not required.