Generali chooses Ilex International’s IAM platform to strengthen its Information Systems security, and save users the burden of multiple-password entry.
The solution implemented:
Sign&go Global SSO
Strong and adaptive authentication, access control, global SSO (Web SSO and eSSO), identity federation and mobile SSO.
The challenges
- Strengthen IS access security
- Open up the IS to partners in total security
- Simplify password management for users
Generali France, commitment and deep sense of responsibility
Founded more than 180 years ago in Trieste, Generali has been present in France since 1832, its oldest foreign location. Over the years, the French subsidiary acquired various France-based companies that were gradually consolidated to culminate in the creation of the single Generali France company in December of 2006. Generali France’s turnover reached 11 billion euros in 2016. The company relies on 10,000 employees to offer insurance solutions to 8.3 million customers, private individuals or beneficiaries of assurances through their business activities, as well as 800,000 businesses and professionals. Today, Groupe Generali is one of the largest insurers in the world. Its turnover in 2016 reached 70 billion euros. With 74,000 employees worldwide, serving 55 million customers in more than 60 countries, the Group is one of the leaders of the Western European market, and holds an increasingly important place in Central and Eastern Europe as well as in Asia.
Generali France provides its partners and customers with numerous application services. Access to these services requires customers and partners to identify themselves in order to verify that they are authorised to access the applications. An SSO mechanism was in place to optimise the user experience. It was the result of specific developments, and was not based on market standards such as OAuth or SAMLv2. This lack of conformity impeded Generali in the desire to securely open their IS to more stakeholders, for whom the support of these standards is a prerequisite before considering the services of Generali France. It was within this context that the access management project took shape in 2015.
Robust and modern access control infrastructure
Through this ambitious project, Generali wished to achieve two fundamental objectives for the group.
The first was to provide a robust and interoperable infrastructure based on standard market protocols (SAML, WS Federation, OpenID Connect, OAuth). This would allow them to open their IS to all their business partners, as well as to easily interface with external services in total security.
The second was directly related to users. It was imperative to optimise user experience by generalising single authentication across all of the application services Generali offered.
« We had an internally-developed SSO module called ‘GEF2’; however, for security reasons it wasn’t possible to develop our IS whilst opening it up to our various partners (internal, agents, traders, etc.). Yet in the digital age, we were aware that it was essential and a true growth factor for the company. On the user side, the entry of multiple passwords to access our IS was no longer desirable. Indeed, each morning, users had to enter their primary account (corporate), but also where necessary their so-called ‘secondary’ accounts, in order to subsequently have access to third-party applications. The connection to several accounts, as well as the entry of multiple passwords was tedious and affected IS ease of use. »
All Ilex International’s expertise, serving Generali France’s teams
In order to test the industry-leading solutions in real situations, Generali France decided to organise a Proof-Of- Concept (POC). The successful solution absolutely needed to be agile and adapt to the existing one, whilst remaining open and interoperable. Indeed, it was necessary to accommodate the old SSO solution, GEF2, with the new one during the application migration phase. It was ultimately Ilex International and its access management solution, Sign&go Global SSO, which stood out by responding to all of Generali’s requirements.
Unique on the market, Sign&go Global SSO provides, via unified server architecture and centralised administration, all the features from strengthened and adaptive authentication to identity federation, by way of eSSO, Web Access Management and mobile SSO. It’s a true ‘Authentication and federation hub’ which covers the full range of existing authentication means, whichever environment is used (Workstation, Web or Mobile).
« We entrusted Ilex international with our project for several reasons. First of all, Ilex International attracted us with their iterative approach and proven expertise. With Sign&go Global SSO’s ability to address all types of Web applications and to interface with our existing, already deployed solution, we would have a substantial guarantee of security and reliability. Their experience on numerous projects of varying sizes was a considerable asset, and reassuring to us. The POC also allowed us to evaluate not only the robustness of the solution, but also the expertise and responsiveness of the teams. With Ilex International, we knew that the consideration of our expectations related to the new uses of the market were ensured. »
The project is structural and requires proceeding in an iterative manner. The applications are gradually connected and the objective is to ultimately cover all of Generali France’s applications.
In terms of the opening up of IS, identity federation mechanisms were implemented and have already enabled the first partner applications to interface.
« At Generali we have a central customer management application, accessible from several user portals, that enables our internal administrators, agents and traders to manage contract underwriting, claims reports, etc. Through the new infrastructure implemented, it is now possible to access this without additional password entry. It is also possible from the central application to access the application from Europ Assistance, one of our business partners, securely and with full transparency. The path is fluid; it’s a true, undeniable time saver for our users! The technology is no longer seen as a burden—on the contrary, it is now being used for professional purposes. »
An innovative SSO solution, enthusiastic users, and phased deployment
The project is progressing well, and since its launch, has seen 25,000 authentications each day and around 8,000 distinct users. The next important step will be to connect one of Generali France’s major portals to the SSO. This portal is used by all employees and allows them to access other third-party applications, amongst which are applications connected to the Mainframe. Ultimately, 57,000 users (within Generali France, as well as all of the professionals belonging to our partner companies) will be able to take advantage of secure and user-friendly applications services.
Bolstered by positive feedback and wishing to successfully pursue the technological developments initiated, the company would eventually like to modernise access management for their customers in order to provide them with services that are adapted to their new behaviours.
The benefits
- Optimal Security
- Ease of Use
- Conformity and standardisation