Case Studies Archive Search Case Studies

Government Agency Protects Citizen Data, Improves User Experience with F5 Solution

Tight data security is an absolute imperative for government organisations all around the world. The National Board of Health in Sweden holds vast amounts of personal information about citizens and relies on F5 solutions to help it secure this highly sensitive data.

The organisation recently deployed F5 BIG-IP Access Policy Manager (APM) to improve the management of security policies, reduce IT costs, and deliver a better user experience.

Business Challenges

The National Board of Health and Welfare in Sweden (Socialstyrelsen) is a government agency under the Ministry of Health and Social Affairs. It holds personal information about 9 million citizens, as well as archived records about Sweden’s deceased population going back many decades. Due to the sensitive nature of this information, the organisation has to provide extremely tight data security at all times.

“We hold information on things such as births, deaths, and monitored diseases,” explains Peter Bygden, IT and Operations Team Leader at the Swedish National Board of Health. “We have to keep this data secure. Failure is not an option.”

The organisation had two, somewhat conflicting, goals. On the one hand, it had to put many layers of security in place to prevent unauthorised access to its data. On the other hand, however, it wanted to make it easier for its authorised users to access internal systems, both from their desks and from external locations.

At the time, the organisation was using a mix of different multi-vendor solutions to authenticate users, and these were costly and time-consuming to manage. It hoped to replace them with a single, unified access system, but in meeting the needs of its employees, it couldn’t afford to jeopardise its data security in any way.

Simultaneously, the National Board of Health had to upgrade its systems to enable them to handle the next generation of IP addresses, IPv6. To comply with Swedish legislation, every government organisation in the country has to be IPv6-ready by the first of January 2013.

“The total cost of ownership of the BIG-IP APM solution will be significantly less than that of the systems it replaces.” Peter Bygden, IT and Operations Team Leader, Swedish National Board of Health

Solution

The Swedish National Board of Health decided to deploy F5 BIG-IP Access Policy Manager (APM) to help it simplify access to its internal systems and improve its security management. IPv6-ready, this high-performance security solution gives organisations a single point of control for all website traffic, remote access, and LAN access, and it enables IT teams to manage security more effectively. 

The Swedish National Board of Health was already using F5 BIG-IP Local Traffic Manager (LTM), so it could simply add the BIG-IP APM module to its existing BIG-IP LTM chassis. “It didn’t make sense to bring in another third-party solution from an entirely different vendor,” says Bygden. “It made sense to have it all in one box.”

BIG-IP APM was deployed with help from a team of technical specialists from F5, who set up policies to govern access to the organisation’s internal systems and enforce tight security controls for its external website. “The F5 consultants were true professionals,” recalls Bygden.  “They understood our situation and knew exactly what to do.”

As part of the project, the F5 team integrated the BIG-IP APM solution with Nordic Edge’s One Time Password (OTP) Server. This strong authentication solution sends a one-time password through SMS or another preferred channel.

“This type of authentication is the ideal combination of enhanced security and user- friendliness,” says Andreas Carlsson, Product Manager at Nordic Edge. “It’s exactly what an institution such as the National Board of Health needs to secure information while making the system easy to work with.”

F5 technical specialists configured the BIG-IP APM module to create “tickets” in the Kerberos network authentication protocol and exchange these with the Nordic Edge OTP Server to create a seamless process for single sign-on. “Our corporate users authenticate using a smartcard and do not need to remember a password or username,” Bygden says. “This makes our system much more secure.”

“This makes our system much more secure.” Peter Bygden, IT and Operations Team Leader, Swedish National Board of Health

Benefits

F5 BIG-IP APM has given the Swedish National Board of Health greater control over its access management policies and procedures, as well as improved network visibility. As a result, the IT team can manage security more effectively and ensure that only authorised users can access sensitive data. “It is easier to see what is happening on the network now,” Bygden observes.  “Consequently, we are more secure.”

The organisation’s IT team is also able to work much more efficiently because it has a single solution and a central management interface in place of many disparate systems.  “We now have all our access controls in one place,” Bygden says. “I estimate that I will save one or two days every month.”

These time savings translate into reduced costs for the organisation. Bygden ascertains, “The total cost of ownership of the BIG-IP APM solution will be significantly less than that of the systems it replaces.”

Employees, too, have benefited because it is now much easier for them to log on to internal systems to do their work, whether they are at their desks or working remotely. They no longer have to use multiple different sign-in processes or remember a host of different passwords or usernames. Instead, they simply enter their mobile phone number, and a unique one-time-only password is sent through SMS to their phone. With this improved access to internal systems, employees can now work more productively.