Success Story

Merkur Versicherung AG Relies on Garancy Identity Manager as Their Central Authorization Administration Tool

With the introduction of the Garancy Suite, new authorizations are now only granted based on defined roles. Supervisors can use the Garancy Portal to independently manage access rights of their teams. This results in a high degree of flexibility for the business departments while reducing the IT overhead at the same time.

Download PDFDownload PDF

The Beta Systems Garancy IAM Suite was the only product that integrated seamlessly with our home-grown core insurance software.

merkur-versicherung-logo.png
Nikola Birkic
IAM Administrator, Merkur Versicherung AG

Initial Situation

When Merkur Versicherung was founded in Graz in 1798, the Holy Roman Empire under Emperor Franz II was in its final stages. This makes today’s Merkur Versicherung AG, headquartered in Graz, undisputedly the oldest insurance company in Austria. Nonetheless, in terms of technology and organization it has always been a frontrunner.

With the IAM solution from Beta Systems, the insurance company now has full control over who accesses which systems and when. It thus meets all the requirements of the financial supervisory authority, while benefiting from streamlined internal workflows at the same time.

While other companies were still pondering how best to distribute paper inboxes during the pandemic, Merkur already had an “eWorkplace” – an electronic workplace where correspondence is received exclusively digitally and forwarded to the right employee via workflows. “Many similar applications have been added to our IT landscape in recent years,” says Eva Kainz-Kaufmann, certified insurance broker in the department of “Information Technology – IT Management” at Merkur.

For all of these applications, the insurer must define who can access any given system in what manner and for how long. Up until recently, these permissions had been assigned via the ticket system Jira. In this system, the specialist departments had to create tickets to submit their requirements as to who may use which software and to what extent. The administrators of the individual target systems then implemented these for the individual user in the respective systems.

Challenge

An internal IT audit performed in 2017 uncovered the actual effort associated with this approach. Authorizations used to be based on individuals rather than roles. As a consequence, an individual ticket was created for each authorization request and there was no general transparency on who had which authorizations at any given time. “When the financial supervisory authority made inquiries, we always had to find this information in the individual tickets,” says Eva Kainz-Kaufmann. For security reasons, in particular, it is essential to know at all times who has which rights for which systems. It is equally crucial to be able to assign or revoke these rights without delay.

Therefore, the insurance company decided in 2019 to introduce a central authorization management tool. The market was sounded out together with an external consulting firm. Three vendors were shortlisted out of an initial selection of ten. Beta Systems ended up on top with its Garancy IAM Suite. In addition to the Merkur Information System (MIS), Lotus Notes, eWorkplace, and Microsoft Active Directory (including other connected systems, such as an solution for automatic mail generation) had to be linked to the IAM software.

Implementation

Implementing the role concept was the first step. While introducing the Garancy Suite, Merkur Versicherung AG started to develop a new role concept. Existing systems and IT authorization structures were thoroughly analyzed and cleaned up.

Outcome

With the introduction of Garancy, new authorizations are now only granted based on defined roles. The insurance company creates the roles in the Infoniqa HR system. Information such as the date of entry of employees, the department they work in and the position they have are of interest. Based on this data, each employee is assigned two basic roles: an organizational role and a business role, corresponding to the job profile. The organizational role basically defines the department of the employee, while the business role describes their activities in detail. This classification was decided by IT in consultation with the system owners as well as with the division managers of the respective department.

To pull off such a huge project during the pandemic solely via Webex was a remarkable achievement.

merkur-versicherung-logo.png
Martin Majhen
IT Manager, Merkur Versicherungen AG

Get Advice from Our Experts

Would you like to learn how your company benefits from Identity Access Management and how to implement an IAM solution in a pragmatic and efficient manner?

Send us a message and we will respond to you shortly. We look forward to hearing from you!

Download PDFDownload PDF

Customer

merkur-versicherung-logo.png
Year of foundation
1798
Number of employees
1000
Head office
Graz
Sector
Financial services
Merkur Versicherung AG
Conrad-von-Hötzendorf-Straße 84
8010 Graz
Austria

Tags

IAMIdentity Management

Share

Further Resources

Blog Article
blogpost_gartner_hype_cycle.jpg

Navigating the Future of I&O Automation: Key Insights from Gartner's 2025 Hype Cycle™

The landscape of Infrastructure and Operations (I&O) automation continues to evolve at a rapid pace, with emerging technologies promising to transform how organizations manage their IT infrastructure. Gartner's latest Hype Cycle™ for I&O Automation 2025 reveals fascinating insights into which technologies are gaining momentum and which are approaching mainstream adoption. This comprehensive analysis offers I&O leaders a roadmap for making strategic technology investments in an increasingly complex digital ecosystem.
Analyst Report
0902-gartner-report-2025-analyst-report.jpg

Read the 2025 Gartner® Magic Quadrant™ for Service Orchestration and Automation Platforms (SOAP)

In the 2025 Gartner Magic Quadrant for Service Orchestration and Automation Platforms (SOAP), Beta Systems Software was recognized as a Leader. Discover key market trends, vendor strengths and cautions, and how ANOW! Suite has been evaluated.
Blog Article
blogartikel_kubernetes.jpg

Workload Automation in Kubernetes: Bridging Technology for Modern Container Orchestration

How classic workload automation can integrate with modern Kubernetes environments. This article explores IBM Workload Scheduler, the Beta Systems Cloud Connector, and the roles of Ingress, Sidecars, and Git-based job definitions in enterprise IT automation for containerized infrastructures.