Insurance Case Study
Vordel secures the streamlining of a large insurance firm's online services
Background
Vordel's customer is a major insurance company, and is a subsidiary of one the largest financial services institutions in Europe, with over 20 million clients.
The company offers a range of products, including pensions, offshore and long-term investments, savings and mortgage repayment plans. Sales are generated via a number of channels, including the parent company and complementary distributors, which have a total of 35,000 brokers and independent financial advisors (IFAs), serving more than 500,000 customers throughout Europe.
Challenge
The insurance company adopted a two-phase approach to create online services for its broker (IFA) and brokerage (corporate) partners. Phase one consisted of an extranet, accessed by the company's broker network using web browsers. The insurer chose the Entrust GetAccess identity management platform to manage access control for this extranet. Following the success of phase one, phase two sought to allow communication with brokerage partners using back-office to back-office integration. For these large brokerage partners, the option of re-keying information into a Web browser was not feasible, and hindered the company's ability to access bulk real-time insurance services. For phase two, the solution was to create a Web Services gateway alongside the pre-existing Extranet.
When it came to choosing the security framework for phase two of its online services, the insurer needed to avoid recreating a second "silo" of policy and identity information. The insurer sought to manage the access control for its Extranet, as well as its new Web Services interface, all via a single interface.
Why Vordel?
VordelDirector was selected because of its unique ability to secure XML traffic while integrating with existing security infrastructure. The insurer deployed Vordel agents at multiple gateways, to intercept XML traffic, and with VordelDirector securely communicating with these agents, existing security policy rules stored in GetAccess are enforced on all XML traffic. The insurer can thus configure access control rules for its browser-using broker customers, alongside access control rules for its corporate customers who access its systems using Web Services.
By maintaining the security context from end to end, Vordel provides the insurance company with the confidence to extend its back-end systems and services to partners' systems across the company firewall. This enables the company to extract added value from the creation of a Web Services-based processing environment, by securely automating direct system-to-system integration.
Benefits
By using VordelDirector, the company is able to:
- Re-use existing security infrastructure - avoid creating new "silos" of policies, by allowing extranet and XML policies to be configured together.
- Save on software development costs - Vordel's products remove the need for costly coding, as policy configuration is through a console-based administration interface.
- Comply with regulatory guidelines for auditing and non-repudiation - address the internal and external mandates for regulatory compliance.
- Faster time to market and increased customer loyalty - Improved efficiencies for IFAs partners and increased confidence in transmission of sensitive data.
- Leverage new standards and specifications - in this case, WS-Trust, SAML, and WS-Security were used.
To find out more about this study and how Vordel's products can help your company email .
This site, and all contents and graphics, copyright © 1999 - 2008 Vordel Limited | Legal notices | Privacy policy