You’ve changed – how NHS password management is evolving

By February 26, 2020Awards

Claire Thorpe, Head of Marketing at Isosec, takes a look at the NHS login landscape and how NHS password management is evolving. 

At the beginning of January, we discussed NHS password reset and how we can resolve to have better password management for NHS system users and clinicians.  Since then, the announcement of £40 million being invested into NHS Single Sign On was very welcome news for those of us committed to making authentication easier for the NHS. In this article, we take a look at the issue of password management specifically and how this needs to be resolved prior to considering the wider NHS Single Sign On challenge.

The password management challenge

NHS clinicians and staff have on average maintain 15 different passwords to access the systems they need to use everyday. That’s a lot of IT support requests and a lot of clinical time wasted if passwords are forgotten. The truth is most Trusts today are still heavily reliant on their IT support teams to tackle the daily password management challenge. And as the drive towards digital transformation in the NHS is ever more prevalent, it’s only going to put more strain on already creaking-at-the-seams busy NHS IT teams.

Many Trusts try to alleviate the issue by adding further layers of hardware and software on top of already outdated infrastructure, making the problem often worse. We have often seen Trusts implement a single sign in solution expecting a ‘one stop shop’ service, however the password element still needs to be updated centrally if it expires, often perpetuating the issue.

Looking at the bigger picture of password management and single sign on will pay off for Trusts who want to look at access across its entire infrastructure, rather than in department and system silos. Simple places to start are self-serve solutions to empower their workforce to start taking more control of their own logins and reducing the burden on support teams. 

The self-serve evolution

Our personal devices offer us a whole range of self serve password management options these days – biometrics and autofill are often something we take for granted these days. NHS Digital took the first step towards this consumer-grade experience for patients, announcing NHS login incorporated into the NHS app. It’s great to see a patient-first approach from the NHS to make health information more accessible, however the consumer experience still leaves a lot left to be desired for the NHS frontline systems.  

There are an array of password reset solutions on the market for the NHS, but often if developed inhouse are still cumbersome to maintain, and even third party suppliers require some sort of physical upkeep on their solution which means IT teams are still expected to proactively maintain the solution. 

The move to cloud based password management solutions will help Trusts quickly gain return on investment, being ‘lighter’ in load compared to solutions that require on-premise management. It reduces cost and effort for Trusts to deploy, and alleviates the strain on in-house teams to monitor and maintain a cloud based system. 

Password management in the clouds

The evolution of password management within the NHS is paramount to ensure our health data is kept secure at all times, whilst giving NHS clinicians and staff the power to self serve and gain access to data whenever and wherever they need it. Isosec’s password reset service is delivered in the cloud and allows users to seamlessly reset their Windows AD password credentials without time consuming use of IT Helpdesks. The next step in that evolution is to include full password management that users can benefit from and further reduce the IT help desk pressure. Continuing to innovate our cloud based solutions for the NHS means Trusts can quickly gain return on their investment, and gain the benefits of self serve password management straight away. We’ll share more about this in the coming weeks.

Ready to evolve?

Why not become part of the cloud evolution of password management and give us your views on password management by taking our password management survey. 

Harry Robinson

Author Harry Robinson

More posts by Harry Robinson