The insurance sector is highly regulated. Sensitive information must be protected in compliance with regulations, with as little impact on business as possible. At the same time compliance with regulations has to be proven to auditors.
Key to this is managing and enforcing user permissions to information. However, in many organizations legacy IT systems and old authorization models have proved inadequate to meet ever-stricter compliance. This means much of the work is done manually. Granting and renouncing user permissions in the joiner/ mover/leaver process, for example, is often the responsibility of department heads and other management – something that is both time consuming and difficult to manage.
- How Swiss Re introduced ABAC
- Eliminating time consuming and ineffective processes
- Meeting regulatory compliance