FB pixel

Scottish Government emphasizes security of new platform for digital public services

Scottish Government emphasizes security of new platform for digital public services
 

Scotland is talking up the data security measures designed and build into ScotAccount, a single-sign on (SSO) service designed to streamline access to public services online. Laurie Brown, the digital information security officer for the Scottish Government, is spearheading efforts to provide strategic direction and governance for various digital public services, following the return of Scotland’s digital identity service.

According to a recent blog post, the ScotAccount digital identity service is intended to simplify the process of accessing public services by allowing users to sign in to multiple services with a single account. This system facilitates ease of use, and provides an option to verify and store personal information securely, which can be reused when applying for other services.

Brown’s strategy is built on three principles: privacy by design and default, security by design and default, and usability by design and default. The National Cyber Security Centre (NCSC) offers guidance to ScotAccount users, akin to the security practices required for banking, email, shopping, or social media.

The approach entails implementing both proactive and reactive security measures to safeguard information against cyber-attacks. This includes adhering to NCSC’s risk management guidance and establishing robust security governance and assurance protocols.

The ScotAccount platform follows Brown’s methodology for her security by design and default principle. The methodology, additionally, aligns with the UK’s Secure by Design Framework, embedding security measures and reactive capabilities in the service’s delivery and operation. The aim is to meet the public’s expectations for secure and private interactions with government services.

As ScotAccount approaches the final stages of its Beta phase, the blog post notes that the focus on “extrinsic assurance” — as per the NCSC model – is set to amplify. This involves external compliance and certification assessments, including the UK Government’s GovAssure scheme.

Additionally, ScotAccount is exploring compliance with the UK’s digital identity and attributes trust framework, potentially paving the way for future interoperability with the GOV.UK One Login service.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Reflections on the Global Digital Public Infrastructure summit 2024

The Global Digital Public Infrastructure (DPI) summit 2024 has drawn attention to the transformative power of DPI in driving digital…

 

Binding physical and digital worlds with biometrics key to decentralized ID

Stakeholders in New Zealand’s digital identity ecosystem addressed the evolution of identity systems, particularly focusing on decentralized identity and biometrics…

 

Swedish police want to fight crime with live facial recognition

The Swedish police want to use facial recognition in real time to crack down on serious crimes. Government investigators have…

 

Biometrics cycle from innovations to scale-up opportunities

Biometrics integrations range from the experimental to the everyday in the most-read articles of the week on Biometric Update. Yesterday’s…

 

US Justice developing AI use guidelines for law enforcement, civil rights

The US Department of Justice (DOJ) continues to advance draft guidelines for the use of AI and biometric tools like…

 

Airport authorities expand biometrics deployments with Thales, Idemia tech

Biometric deployments involving Thales, Idemia and Vision-Box, alongside agencies like the TSA,  highlight the aviation industry’s commitment to streamlining operations….

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events