Asset Publisher

Kanta is a critical societal function with a top priority on ensuring the availability of services

Blog - Professionals Written on 13.02.2017 All blogs

‘The use of Kanta Services is increasing and new services are constantly added to the service. Currently, about 4,500–5,500 messages are received by the Patient Data Repository in just one minute,' says Development Manager Aki Kokkinen who is responsible for the smooth functioning of the service.

‘The technology of all Kanta services is duplexed. In practice, duplexing means that the Kanta Services have two identical data centres, in which case individual errors or hardware failures have no impact on the availability of services. On the other hand, the world is not perfect and Mr Murphy has always got something to say on the matter,’ Kokkinen points out. Kela has classified the Kanta Services as critical. Therefore, Kanta is supervised around the clock and we tackle any problem situations with immediate effect.

Denial-of-service attacks are a problem

This autumn, the users of Kanta Services have been discussing especially the denial-of-service attacks. This means that the service under attack is flooded by so much traffic that the website is no longer capable of processing all the requests. Legitimate users then experience either slowness of the service or a crashed website.

The attackers use vulnerable devices they have found on the internet. In principle, these can be anything from an ordinary computer to a baby monitor or refrigerator. Luckily, our own monitoring detects these attacks at a fairly early stage and we can take counter-measures immediately.

Hacked devices are connected to the cyber-attack network where they create fraudulent traffic in the service selected as target. A private person can maintain the data security of their own devices, for example, with sufficiently strong passwords. Organisations, on the other hand, should take care of a safe connection model – connections through a private network are better protected against service denial attacks than those connected through the internet.

The purpose of the attacks usually remains obscure: it can be a case of testing the systems or purely a malicious act. Nevertheless, every attack is reported to the National Bureau of Investigation. We also carry out constant cooperation with the Finnish Communications Regulatory Authority and our telecommunications operator to minimise the attacks and their impacts.

Deployment of new operating environments is underway

The IT infrastructure is never complete as the operating environment is constantly changing. As the volume of traffic increases, we must create new capacity by replacing old devices with more robust ones while also ensuring that the software is kept up-to-date.

‘The biggest technical change this autumn is the deployment of a new operating environment in the Prescription Centre. The Patient Data Repository and My Kanta Pages are already using the new platform. The Prescription Centre will soon follow suit,’ Kokkinen says.

Major technical changes in the Kanta Services are carried out during maintenance interruptions, and naturally all customers are informed of these in advance. The introduction of a new operating environment requires a service interruption of about 8 hours, which takes place between midnight and 8am when there is less usage in the system. Smaller updates are carried out at night-time through brief and strictly scheduled maintenance windows. The duration of these breaks is only a few minutes at a time, but they ensure stable and fast operation of the service.

‘If the service is slow, the user almost without exception thinks that the fault is with the Kanta Services. That may well be the case, but sometimes the problem may lie with the user’s device or an organisation’s internal data network. We tell openly about any disruptions to the Kanta Services, for example, on the Kanta.fi website, and therefore it is advisable to keep an eye on it if there are any problems. We also use other channels of communication, such as text messages and emails, which are sent to the recipients of disruption messages who have been notified by the organisations themselves,’ Aki Kokkonen points out.