The UK government has released a new WiFi service in private beta for public sector organisations, designed to coordinate and replace disparate user and guest connectivity solutions with a single secure network.
GovWifi, managed centrally by the Government Digital Service (GDS), can be operated across existing infrastructure and hopes to provide a seamless, secure WiFi connection for both staff and guests as they move from building to building.
A Guidance document explains how the cloud-based authentication service coalesces various WiFi networks into one infrastructure, via the RADIUS open standard. The service offers high-availability, automatic scaling, failover and load balancing.
According to the publication, each end user is protected with unique credentials and encryption keys when they log into GovWifi and access the internet. The user credentials are randomly generated so they cannot be used to access other systems if stolen.
When logged in, end users are able to access their organisation’s resources just as if they were working remotely. The document further notes that user’s devices are isolated from each other in order to prevent the spread of malware and protect secure devices from less secure ones.
The GovWifi network is also able to establish its identity in a manner that cannot be spoofed, adding a further security measure against potential malicious actors.
The government advises that participating WiFi installations must meet the requirements defined in the Guidance Sharing workplace wireless networks. The recommendations include configuring user devices to automatically check that the correct certificates are presented by the network so that users do not connect to a fake network.
Organisations are also required to implement WPA2-Enterprise (AES) encryption to guarantee privacy, client isolation to protect users from each other, and anonymous identity to encrypt usernames.
For now, the initiative remains in private beta with the GDS still making improvements before the official release. In the meantime, public sector technical teams are invited to get in touch and participate in the beta stages.