NSIS solutions for the private and public sectors, including finance, insurance, state and municipality
In 2021, NemID will be replaced by MitID, whilst employee signatures (MOCES) are set to be replaced by corporate identities. At the same time, The Danish Agency for Digitisation will introduce a number of new requirements for IT user authentication, which are set out in the so-called NSIS standard. This means that you will have to assess how your existing access and user management solutions need to be adjusted to fit the new public infrastructure.
Globeteam’s NSIS solutions are adaptable, meaning we can come up with a solution that fits your specific needs – regardless of whether that is on site or in the cloud. You can choose to start small, with a basic IdP solution that solves some of the challenges related to NSIS, and can be expanded upon at a later stage if your needs change. Or, you can choose to go with an extended solution now that digitalises all NSIS processes and provides full compliance with the standard. We can also assist you in the larger compliance work involved in the solution.
The National Standard for Identity Assurance Levels (NSIS) sets out several new requirements that you as an organisation will need to adhere to if you either use or offer digital self-service solutions for corporate users. These same requirements will apply to self-service solutions for citizens by the end of 2021 or early 2022, when the switch from NemID to MitID is made.
Therefore, the first and most important thing you will need is an overview, detailing what it will take for you to be compliant with the standard, and highlighting the best way to approach the task. We offer an NSIS analysis where we work with you, mapping the best possible path to compliance with the standard.
But what exactly is NSIS?
NSIS is the Danish version of the EU eIDAS regulation, whose objective is to create a common framework of trust for digital identities, and it affects all public systems within digital identity services. This includes health, tax, courts, finance and insurance sectors, citizens’ services, among others, and any of us who have to access the systems will be subject to this new standard. It requires that identities and application users be verified at one of three levels: low, substantial or high. This will take place by establishing a local IdP for authentication.
Why use a local IdP or IdM?
Today, you use employee signatures that might be managed locally at your premises via the so-called “local signature server solution” (LSS). However, employee signatures will no longer be in use, and so you will have to switch to another method of setting up and authenticating your (corporate) users against public IT systems.
You could choose to either administer the users directly in the new common public NemLog-in solution, which will also be responsible for handling corporate identities in the future. This means that everything will have to be carried out manually.
Alternatively, you could use the concept that is referred to in NSIS terminology as local IdP (Identity Provider) and/or local IdM light.
With NSIS local IdM light you can synchronise all your user identities against NemLog-in. This ensures the relevant users always have access to setting up a profile with NemLog-in and running logins to the public systems from there, and it also means that the users are then deleted when they leave you.
With NSIS local IdP you take on the responsibility yourselves of authenticating identities against the public systems. This provides the users with a number of advantages, such as single sign-on to the public systems based on your existing login solution (typically Microsoft AD or Microsoft Azure AD) for example.
However, establishing a local IdP solution increases your auditing burden significantly. In many cases, you will have to produce a yearly audit statement for the Danish Agency for Digitisation, documenting your compliance with the NSIS standard in your daily work.
In response to this, we have built into our NSIS solutions packages the option of various extra modules for our local IdP solution. These make it possible to digitise almost all the audit processes.
Our NSIS solutions: Local IdP, including additional elements
Globeteam offers a solution model that consists of a basic IdP solution and two expansion modules. All elements of the solution have been developed with the aim of achieving as much automation and digitisation of the NSIS requirements as possible, providing the greatest flexibility in meeting your needs whilst also ensuring a high level of user-friendliness for the end users.
We can deliver your solution with software that is installed locally at your premises. Or, alternatively, we offer a Managed Service where we maintain the operation of the solution and also take on the work (and expenses of) developing the required audit statement for the majority of the NSIS controls.
NSIS guidance and revision
Globeteam offers guidance on the organisational implementation of the NSIS processes, and design and implementation of IdP or other NSIS solutions.
In order to make sure that you fully comply with the legal and technical audit requirements, we also work with a professional IT auditing firm that can carry out the audit at your end for an excellent price.
Why choose Globeteam as your NSIS supplier?
You should choose us because there’s no other company in Denmark with more extensive experience delivering solutions within this specialised field, usually referred to as ”federation solutions”.
Globeteam has been delivering large and small federation solutions within various industries since 2006.
Many of our simple solutions were based on Microsoft’s federation server AD FS (Active Directory Federation Services), for which we have also developed extra modules over time.
We have also delivered some very large and complex solutions based on the Safewhere*Identify product, which excels by being the only federation server that contains full support of the Danish standards OIO IDWS, OIOSAML and OIOSAML Local IdP Profile as well as all the common international federation standards.
This is why Safewhere*Identify, among others, handles the many million annual logins that take place at the Danish Agency for Modernisation of Public Administration, KOMBIT (support systems access management for systems and users) and the Danish Environment Portal.
This is why we are the obvious choice of partner when the Danish public sector completely switches to federation for the implementation of eIDAS via the new NemLog-in and MitID in 2021.