Departmental Data Protection

Anne Main
To ask the Secretary of State for Work and Pensions whether his Department uses WPA2 encryption protocol on all its wireless networks.

Jonathan Shaw
Information is a key asset to Government and its correct handling is vital to the delivery of public services and to the integrity of HMG. The Security Policy Framework, the Data Handling Report and the National Information Assurance Strategy produced by the Cabinet Office provide a strategic framework for protecting information that Government handle and put in place a set of mandatory measures which Departments must adhere to.

Departments follow CESG guidance on the use of the Wi-Fi Protected Access 2 (WPA2) communications security protocols in order to protect wireless networks carrying protectively marked (up to RESTRICTED/IL3) traffic. The configuration and operation standards for WPA2 are set out in CESG's Infosec Manual Y, Use of WPA2 Wireless Security in Government Systems.

The DWP is fully compliant with HMG 1A Standard No. 4—Communication, Security and Cryptography for the encryption of data—on all its wireless networks.