Implementation of IAM Solution at Insurance Company

Description

Allianz Croatia is a prominent insurer based in Zagreb. The company operates as part of the global Allianz Group, one of the world's leading insurers and asset managers with private and corporate customers in almost 70 countries.

Industry

Finance & Banking

Location

Croatia

Challenge

Allianz Croatia sought to comply with requirements of the EU Digital Operational Resilience Act (DORA) in the area of access management. The compliance is not just a legal obligation in the European Union but also a major step toward stronger digital resilience as DORA ensures that financial and insurance institutions can withstand cyber incidents.

The need to implement an identity management system came from the basic requirement of increasing IT security in the organization and the requirements of the Cyber Security Act. Another essential task was to improve the efficiency of internal administration and management of access permissions for application users.

Solution

IBA Group successfully delivered an Identity and Access Management (IAM) solution for the insurance sector. The solution complies with the requirements of the EU Digital Operational Resilience Act (DORA).

The delivery of Identity and Access Management for Allianz Croatia involved analysis and design of the solution, and implementation of the Evolveum IDM midPoint system. The actual implementation consisted of developing connectors for the integration of end systems, especially the HR system, customizing the processes, and subsequently providing technical support services.

The project started with a detailed analysis and design of the final solution, reflecting all client requirements for the IDM system. IBA Group met the customer expectations and the project is currently in the support mode.

Project Objectives

  • Automation and optimization of employee management processes
  • Establishment of comprehensive identity lifecycle management
  • Inventory and management of organizational (business and application) roles
  • Bringing order to the employee system and organizational structure
  • Introduction of an inventory and auditing of IT activities of employees and external contractors
  • Improvement of the basic level of IT security in the organization
  • Establishing a unified and clear inventory of internal and external identities
  • Central management of all user permissions in a single application
  • Increasing the efficiency of permissions management, initiating automation, and minimizing human errors
  • Compliance with the requirements of cybersecurity laws
  • Establishing a set of rules for the introduction and integration of new applications into the organization
  • Compliance with EU regulations (DORA)

Results

Centralized identity and access management for more than 100 user identities administered by miPpoint

Allianz Croatia in cooperation with IBA Group implemented midPoint for improving and centralizing identity management. midPoint is an open identity & organization management and governance platform designed to cover both technological and business requirements of the organization. midPoint focuses on speeding up IT processes, reducing IT costs, and increasing call center efficiency, as well as regulatory compliance, information security, and efficient organizational management. Therefore, it is instrumental for both sectors, IT administrators and managers, security officers, and auditors.

Benefits

Originally, access permissions were assigned manually based on requests. This method was not perfect in terms of security, reliability, and speed. The internal departments were unable to provide the necessary settings to the staff in a flexible manner and the IT department was overloaded with repeated requests to assign or modify individual user permissions.

1/ Better user lifecycle management, increased efficiency, and automated IT processes

Using midPoint, the customer maximizes IT resources and responds faster to business requests. All this is done by adopting automation of identity and access management processes. The significant benefit is that midPoint decreases time for provisioning tasks throughout user account lifecycle management.

2/ Reduced administrative cost

  • Making employees immediately productive
  • Customers resolving issues without calling support
  • Quick response to security incidents

3/ Higher compliance efficiency

  • Automated onboarding and offboarding processes for interna! and external employees, account creation based on the job position
  • Definition and formalization of existing user/role management processes
  • Application owners synchronizing data with others

4/ Mitigating security risk

  • Enforcing consistent approval and audit processes
  • Proactively preventing identity policy violations
  • Ad-hoc reports, understanding Who has access to what?

5/ Greater user satisfaction

  • Managing password resets by users with the self-service Ul, no need to call support
  • Simplifying self-service access requests

With extensive experience in IAM implementation, IBA Group continues to support financial and insurance institutions in strengthening their digital operational resilience, improving security governance, and meeting evolving EU regulatory requirements.

For additional information, read the news release IBA Group Implements IAM Solution at Allianz Croatia

 

Tags

Related studies & insights

Cases Bank transfers automation
Insights RPA Has Truly Arrived December 4, 2018
Cases SAP S/4HANA FICA Solution for Complex Invoicing