Insurer in France protects against internal fraud with One Identity Manager

Fraud is a multi-faceted threat that is of growing concern for all businesses today.

Companies in the insurance industry are more at risk than most, given the fact they handle masses of highly sensitive financial data. In light of this, Natixis Assurances Metiers Non Vie (NAMNV), a French insurer, wanted to minimise what it saw as its most pressing vulnerability: internal fraud, which is often enabled by weak identity and access management practices.

NAMNV’s legacy approach to identity and access management (IAM) consisted of Microsoft Excel spreadsheets, which IT staff kept up to date manually. This didn’t allow IT to reliably track requests and it took a week to create a single user profile. It was this set of sticking points, alongside the wider context of fraud reported in Hermes’ survey, that encouraged NAMNV to move forward on its internal IAM transformation.

It identified several objectives that its new solution needed to provide. To reduce the risk of internal fraud, NAMNV wanted to track and automate its user lifecycle processes — origin, authorisation, and recertification — and implement richer management workflows. The insurer also wanted more comprehensive reports with on-demand data tracking to satisfy the frequent requests sent by internal auditors. Finally, NAMNV wanted to automate and update its processes, such as recertification, to free up the IT team by giving business managers increased visibility and control.

The One Identity solution, which included Identity Manager and Password Manager, stood out. Identity Manager's architecture uses open databases, and it easily integrates with Windows virtualized environments for shorter deployment times because it doesn’t need extra servers to process tasks – both important advantages for NAMNV. The solution also provides key functionalities, including request tracking, profile creation, recertifications, and full visibility on authorisations. In short, the solution promised NAMNV a more rigorous, efficient, and transparent way to manage and govern identities and access.

Read full case study