Swedish Social Insurance Agency Does BYOD Right

The Swedish Social Insurance Agency’s role is to administer social insurance and to ensure that Swedish citizens receive the benefits and the allowances to which they are entitled. Swedish Social Insurance covers every person that lives or works in Sweden. Its purpose is to provide financial protection for families and children, the disabled, and for all citizens who are faced with work injuries, illness, and old age.

Everyone Benefits From BYOD
One of the most prominent trends in today’s working environment is the demand by employees for flexibility. Employees want the freedom to choose how and when they work, and not be confined to an assigned desk during assigned times while using assigned mobile devices. This new trend has a name: Bring Your Own Device (BYOD). BYOD is the practice of allowing employees to use their own personal mobile devices to access private company resources such as email, file servers, and databases. The big issue for organizations lies with the coexistence of this sensitive work-related data with personal applications and data. BYOD conflicts with an employer’s need for access control, user management, and secure login routines. Recently, McAfee and Citrix have proven that BYOD is possible, even in a public sector environment where the demands for security and access control are exceptionally high. By combining the McAfee® One Time Password Server and Certificate Services with Citrix virtual desktop infrastructure, the Swedish Social Insurance Agency is enabling its employees to use any device of their choice for work purposes. “BYOD and
safety is a question that many IT managers are facing today,” explains Andreas Carlsson, McAfee network security business unit product manager, authentication. “The agency’s BYOD solution, combined with the McAfee One Time Password Server, is a new way of achieving two-factor authentication. It secures company data while remaining user friendly at the same time.”

After four months of restricted testing, the agency observed that by permitting employees to bring their own devices to work, productivity improved, stress levels among staff were reduced, and the IT staff had better response times. With the help of the McAfee One Time Password Server, the agency can now offer its employees a type of flexibility that is rare in the public sector.

Attracting the Best
The agency takes great pride in being a forward-thinking employer on the cutting edge of technology. It has high ambitions to recruit the best and brightest in every field. To do so, it has to stay at the forefront of new developments and trends. “The younger generations are accustomed to using any device of their choice,” says Rickard Mattson, IT engineer at the agency. “Any employer without a plan for this will have great difficulty recruiting and retaining qualified personnel.”

When the agency investigated the possibility of using tablets, it promptly ran into challenges of security built around the agency information systems. All agency employees are required to carry smart cards for login. Login is tied to one particular device, and, without the smart card, employees cannot log in. In turn, this made it almost impossible for employees to bring in their own tablets into the workplace. However, with the introduction of McAfee One Time Password Server, that was about to change.

Seeing But Not Storing
The agency has had a longstanding relationship with both McAfee and Citrix Systems, so it was natural to look in that direction when it came time to select a BYOD solution. But how do you create a device-independent login solution when the fundamental demand is login through a smart card? The major challenge is that smart cards do not fit in mobile devices.

"When you know you can respond to a request no matter where you are, it is easier to achieve work/life balance. That makes you a more balanced person that will perform better both at work and at home."

Rickard Mattson
IT Engineer, Swedish Social Insurance Agency

This is where Citrix came in to play. As a leading developer of cloud and visualization technology, Citrix has created a virtual desktop infrastructure that displays the screen of a virtual client. Users can view and work with emails and other corporate data, but nothing is actually stored on the device itself. “Security is greatly improved compared to a VPN, since all you see are screen updates from a virtual client,” states Mattson. “Performance improves too, since all actions happen in the data center and are not dependent on the capacity of
the device.”

Securing Security
Even though employees were now able to access their corporate applications on their mobile device, the issue of secure access still needed to be addressed, and the authentication needed to live up to the agency’s extremely high safety standards. A combination of the McAfee One Time Password Server and McAfee Certificate Services does just that. The user logs into the Citrix application using the usual login. This action triggers a verification process that concludes with a URL that is sent to the user’s mobile phone. The user then verifies his or her identity by clicking on the URL. The result is a two-factor authentication that is as secure as the original smart card process; yet, it allows for the mobile flexibility that employees seek today. “Our goals are to be a cost-efficient, cutting-edge, and attractive employer,” says Mattson. This BYOD solution helps us achieve all three.”

Securing Devices and the Network Completely
Together, McAfee and Citrix have created a secure and user-friendly solution for a BYOD environment that few within the agency thought was possible. With the McAfee One Time Password Server solution, the Swedish Social Insurance Agency can now offer the flexibility that the current and future generations of employees demand. In addition to the flexibility,
Mattson expects an increase in productivity and lowered stress levels. “When you know you can respond to a request no matter where you are, it is easier to achieve a work/life balance. That makes you a more balanced person who will perform better both at work and at home.”

Swedish Social Insurance Agency

Customer profile

Agency charged with administering social insurance to Swedish citizens



IT environment

Wide range of client engagements with small and mid-sized companies


Deliver a BYOD solution that maintains strict security criteria, is clientless, and is easy to use

McAfee solution

  • McAfee One Time Password Server


  • Increase flexible access to information services results in improved productivity, lowered stress levels among employees, and better response times
  • Enhance ability to recruit and keep highly qualified personnel
  • Two-factor authentication to ensure same level of security as smart cards while giving
    employees greater flexibility to utilize their own devices without jeopardizing the agency network