NSM Releases New Recommendations on National Control

The Norwegian National Security Authority (NSM) has unveiled recommendations from the concept choice analysis for a national cloud service.

On behalf of the Ministry of Justice and Public Security, NSM conducted a concept choice analysis for a national cloud service. The main documents from the analysis and quality assurance are now public.

NSM’s recommendation is to establish a cloud service owned and operated by the state itself, in conjunction with the state entering into agreements with a few commercial enterprises. These enterprises would own, deliver, develop, and operate cloud services.

The recommendation of a two-part solution provides a higher level of national control and functionality compared to a purely governmental or commercial concept alone.

Read the analysis: Concept Choice Analysis for a National Cloud Service is public.

Control over ICT Services Norwegian entities must enhance national control over crucial Norwegian ICT services. In the ultimate consequence, a lack of control over ICT systems could undermine Norway’s sovereignty, territorial integrity, and democratic governance.

In connection with the concept choice analysis, NSM has also produced a thematic report highlighting key factors to ensure that ICT services are under sufficient national control.

Norwegian entities should, among other considerations, assess the use of data centers in Norway and the extent to which all layers of a service can, should, or must be operated exclusively by personnel in Norway. All entities should include preparedness as a factor and adopt a long-term perspective to ensure robust services.