When digitalizing public administration, one question is unavoidable: Is the confidential data about citizens, companies, and organizations actually secure? Is the protection of health, economic, social, political, or even juristic information guaranteed?
The key is to carefully select network technology and IT infrastructure.
When using the hardware and software for Internet access and data transport, important EU directives and IT security standards must be observed.
Anyone who also pays attention to self-reliance, flexibility, and sustainability can independently and prudently manage their digital systems in the long term.
Read here how the public sector and operators of critical infrastructure can work with digital confidence and security.
Secure and sovereign digitalization with the NIS2 requirements
Public administration and the research sector will be covered by the EU Network and Information Security Directive, NIS2, in the future. It must be transposed into national law by October 2024. Compliance will be carefully monitored. This makes it all the more important to prepare for the new requirements now and take appropriate measures to comply – also to strengthen your own Digital Sovereignty. We are happy to help you identify these and implement them with digital sovereignty.
Check the need for NIS2 action now and strengthen Digital Sovereignty in the public sector!
What is digital sovereignty?
Digital sovereignty in the public sector means: Agencies and authorities have complete control over the data they store and how it is used. They decide on the design and use of IT infrastructures and digital technologies and protect themselves from manipulation, risky dependencies, and losses. The consequence: Autonomy and the ability to act at all times. Solutions from LANCOM Systems are the ideal choice for achieving these goals.
Reliable planning thanks to the transparent lifecycle management: Even after their official discontinuation (EOS), devices receive major releases for a further two years and, with LANcare or other support contracts, for example, security updates and technical manufacturer support until the End of Life (EOL) of the device – i.e. for a further five years after discontinuation.
The focus study “Digital Sovereignty” (2021) by the Leibniz Centre for European Economic Research (ZEW) for the BMWK highlighted an increasing awareness of the importance of digital sovereignty, but also revealed that significant progress is still needed.
While the ZEW study primarily addresses the awareness, significance, and background of digital sovereignty, the recent LANCOM, techconsult, and Handelsblatt study, “Digital Sovereignty at Companies in Germany” (2023), provides a detailed analysis of key areas, including hardware / infrastructure, software / applications, IT security, and data management.
This study offers valuable insights into the status quo of digital sovereignty in Germany, focusing on specific technical aspects such as the origin and delivery of components, cloud usage, crisis management, development and migration options, and various security considerations in IT infrastructures.
Discover the study’s enlightening findings:
Get the complete study for free
Notice: The study language is German only.
High availability
Crucial for any administration to function is the consistent availability of information and services. System failures can have far-reaching and serious consequences in the public sector and must be ruled out. In the eyes of the citizens who have become accustomed to online services being available around-the-clock, accessibility is also a clear plus point.
How to ensure fail-safe systems:
Be sure to use devices with more than one type of connection (e.g. 5G or 4G / LTE as well as pure DSL) so that you can switch to an alternative line. The same applies to the redundancy of power supplies in mission-critical, core components such as aggregation switches. The geo-redundancy criterion applies to (cloud) servers so that, for example, a natural disaster at one server location does not destroy the operating data as it is fully replicated at another location. Routers with active / active mode allow multiple Internet connections to be used in parallel and to provide ideal load balancing and better bandwidths.
Integrity
Nothing is as upsetting as the knowledge or feeling that personal data has fallen into the wrong hands. So gaining citizens' trust in their public administration depends greatly on the integrity of data and the correct functioning of systems by protecting them from data leakage, the manipulation of data and systems, and sabotage.
For a trusted handling of data you need:
The trusted handling of data and data streams means adhering to EU guidelines, GDPR, and compliance requirements. This includes compliance control, i.e. the regular monitoring of compliance with legal regulations and guidelines. Any components used should be guaranteed backdoor-free. The trust mark “IT Security Made in Germany” and certification by the German Federal Office for Information Security (BSI) are good evidence of how trustworthy the products are.
Cybersecurity
As representatives of a state, government agencies are an obvious target for politically motivated hacker attacks. Their invaluable databases attract thieves and extortionists. And in particular attacks on critical EPCIP infrastructures, such as hospitals or energy suppliers, have enormous potential for damage and drastic effects on the population. A core task of any state is to ensure that citizens are safely supplied. This is why special protection concepts apply to critical infrastructures.
Core elements of network security:
- The framework is set by a cloud security policy, i.e. authority-specific guidelines for the use of the cloud, including objectives, target groups, types of information, as well as permitted and prohibited services.
- Proven concepts and technologies are available for the implementation of security guidelines. This includes client-side end-to-end encryption of data traffic, secure data exchange via VPN or the zero-trust principle, separation of networks, access control, and the strict management of roles and rights.
- Unified Threat Management (UTM) combines several easy-to-use security functions to help with a coordinated defense against IT attacks.
- Next-generation UTM firewalls ensure a higher level of security by filtering data traffic inside the network itself. Individual applications or groups of applications can be blocked, or traffic can be redirected. This clamps down on the use of risky applications.
- Protection from cyberdamage comes with backdoor-free solutions, current and exhaustive data backups, as well as security guidelines and training courses that reduce the risk of human error.
Autonomy
In order for a public authority or institution to be able to act independently at all times with regard to information technology and data, all relevant decision-making and implementation competencies must lie directly with them. For example, your IT network should remain adaptable and capable of growth and should be maintained and serviced as independently as possible.
How to operate network technology without being dependent:
Specialists have to be employed and expertise has to be established – do this by offering high-quality training courses, workshops, and certification programs. It is also essential to have your own crisis management with a cybersecurity emergency plan. When choosing technology suppliers, long-term reliability is key: Ask about the strategy for device and part replacements, upgrade options, and whether you can configure applications by yourself.
Future viability
Digital sovereignty means being able to act at all times, including in the future. This is achieved above all through long-lasting quality and functionality of hardware and software, future-proof technologies, and a flexible way of thinking: Every aspect should be capable of being updated, developed, or improved.
Digital sovereignty also means foresight:
Products from your technology partner should “age well”: The products score with automatic updates, patches, and the option of migrating to more modern systems. Look for transparent lifecycle management. Trustworthy providers act with an eye on the future and develop forward-looking solutions. These currently include Internet connections based on fiber optics and 5G, or future-proof Wi-Fi (Wi-Fi 7, Wi-Fi 6E). Also look out for professional network virtualization where specialized hardware, such as routers and firewalls, is replaced by software on standardized industrial servers. These systems are easily expandable and relatively inexpensive. Further characteristics of good suppliers are their own dedicated and qualified support and the ongoing training of their employees.
Virtual private networks (VPN)
The standard for secure data exchange is VPN (Virtual Private Networks). For the trusted networking of sites and mobile employees, this technology ensures that communication via the Internet remains completely inaccessible to outsiders. With software VPN clients, employees in the field and working from home can be quickly and securely integrated into the public authority network via VPN.
Zero Trust
Zero Trust is a new, forward-looking concept for secure communication between business units and employees that works with highly differentiated authorizations at application level and security levels per employee and service.
LANCOM Trusted Access makes this easier, more scalable, and more secure than ever before via the LANCOM Management Cloud hosted in Germany.
Solutions for public authorities from LANCOM Systems
Together with experienced IT partners, LANCOM Systems supports the public sector with the planning and implementation of secure and stable network infrastructures “Engineered in Germany”.
LANCOM Systems offers:
- Expertise and experience in building networks in the public sector
- Fail-safe routers and gateways with a variety of interfaces, backup lines, active/active operation, as well as resilient switches with redundant power supplies, and a geo-redundant management cloud
- Trusted, GDPR-compliant products according to the highest compliance requirements, multiple award-winning VPN and network management solutions (PUR-Champion VPN and Network Management & Monitoring, Channel Excellence Award Networks and Security, ecovadis Gold)
- Maximum network security using Next Generation UTM firewalls, the secure LANCOM Management Cloud, guaranteed freedom from backdoors, and many options for access control and network segmentation
- Professional hardware and software with user-friendly management interfaces, numerous upgrade options, in-house manufacturer support, and a comprehensive range of workshops at the LANacademy
- Future-proof devices with long-lived operating systems and transparent lifecycle management for all routers/gateways, access points, switches, and firewalls
Seals, standards, and certificates:
- Trust mark "IT Security Made in Germany" (ITSmiG) for data protection and compliance: Companies that bear this seal have their headquarters in Germany and are committed to the trustworthiness and data-protection compliance of their solutions.
- BSI-certified security
- EVB-IT ("Ergänzende Vertragsbedingungen für die Beschaffung von Informationstechnik", supplementary terms of contract for the procurement of information technology): Public sector conditions for the purchase of IT services must be observed by the contracting authorities and are binding for federal agencies. LANCOM products comply with this directive.
- Sustainability, Corporate Social Responsibility (CSR)
Master the digital transformation with confidence through a needs-based and future-proof IT transformation. The procurement of IT equipment, software and services from a certified service provider who guarantees compliance with the EU General Data Protection Regulation (GDPR) gives you legal certainty, cybersecurity, and the ability to act.
However, digital sovereignty is not just a question of security and responsibility. Above all, it offers you the freedom to find solutions and master the challenges for yourself. Digitally sovereign cities, communities, and states strengthen every nation and association. And LANCOM Systems strengthens digital sovereignty.
Thomas Wenderoth
VP Business & Market Development
thomas.wenderoth@lancom.de
Tel.: +49 2405 49936 258
Mobil: +49 151 17487525