RL - Public Sector

Danish Defence

Issue link: https://resources.axway.com/i/1010717

Contents of this Issue


Page 2 of 4

axway.com 3 Enabling digital communication to comply with Danish law The Danish Defence is the unified armed forces of the Kingdom of Denmark, charged with the defense of Denmark and its overseas territories, Greenland, and the Faroe Islands. Its primary purpose is to prevent conflicts and war, preserve the sovereignty of Denmark, secure the continuing existence and integrity of the Kingdom of Denmark, and further peaceful development in the world with respect to human rights. Under Danish law, all government agencies must communicate electronically, using Denmark's e-Boks platform, rather than sending printed mail. Today, all Danish citizens have an e-Boks account, which provides companies, public authorities, and private individuals with a secure platform for digital communication. To comply with this new legislation, Danish Defence needed a secure solution for exposing APIs to send and receive information between their secure network and e-Boks. The solution also had to enable Danish Defence to communicate with other trusted third-party vendors, automate their processes, and sharply reduce costs associated with postal mailings. Point-to-point connectivity with trusted third parties In addition to e-Boks, Danish Defence needed to communicate securely with other trusted third parties by establishing a point-to-point connection with each external partner. A priority in this regard was the Danish healthcare system. In Denmark, each person can access their electronic medical file, which contains diagnosis and treatment information supplied by healthcare providers. Danish Defence needed to securely communicate with hospitals and doctors on the healthcare network. A typical use case would be to organize medical checkups for fighter pilots before they deployed. Although the solution would initially be used within Denmark, the goal was also to use the solution with international partners, in the context of Denmark's role as a NATO ally and member of the European Union. To avoid the "Snowden Effect," be proactive "We had to set up a secure connection to transport information in both directions," said Commander Kim Holm, Head of Policy & Architecture, Danish Defence IT. "We also had to control the information, both when we're sending it out and when it comes into our system." For outgoing transmissions, Danish Defence needed to specify normal behavior, so as to detect unusual behavior, and then permit or deny a transmission according to a set of rules, examining the sender, the proposed recipient, the volume and type of data being sent, and the date and time. "We don't want to have a Snowden effect," Holm stressed. "We needed to verify, for example, whether there is authorization to send hundreds of documents to a particular person's e-Boks. If the transmission is authorized, we release it; if it's unauthorized, the documents don't get sent." For incoming transmissions, Danish Defence needed to be able to inspect XML-based information and PDF attachments. From the start, they decided not to accept Word or Excel documents, given the risk they contain code or viruses.

Articles in this issue

Links on this page

view archives of RL - Public Sector - Danish Defence