Simple User Administration at DEVK – Even Without IT Assistance

DEVK has been insuring German policy holders against the risks of everyday life for over 125 years. At present, the DEVK Group is tending to approximately 4 million customers, insuring them against 14 million risks across all segments. A total of over 6,000 employees go the extra mile to provide customers with quick and effective assistance. DEVK’s goal: significantly simplify and accelerate access rights allocation across all corporate IT systems. Even employees with little or no technical background should be able to take on certain user administration tasks.

The IT department of DEVK had to connect a large number of sales representatives to the central, home-grown master data management application at short notice. Manual administration of these new clients would have resulted in a significant increase of the workload, which would have forced the insurer to substantially expand the IT team.

The sophisticated role scheme of DEVK combines specialist competencies of the SAP system with the superordinate Garancy® Identity Manager authorization management. A workgroup creates the specific SAP roles together with the specialist departments and then hands them over to the IT service and operations team. This means that the SAP team is only responsible for defining the roles, but it does not allocate any users to them. This is the sole domain of the IAM system, which takes these SAP roles and combines them with authorizations for additional IT systems by creating high-level Garancy roles.

“The Garancy role has the highest authority; it bundles the entire specialist function range of each employee,” explains DEVK IAM Architecture Specialist Becker. Using this approach, the authorizations needed for IT systems such as SAP, the insurance application or Windows depending on the specific task profile are defined as roles. In the Garancy® Identity Manager, these roles are then linked with the personal authorization profile of each respective employee.

Given this setup, authorization management basically maps the entire organizational structure of the insurance company. This allows specialist departments to rapidly assign individual access rights to new employees. All that is left to do for IT staff is to clarify open issues in collaboration with the specialist department. Previously, new employees sometimes had to wait for up to five days before they had been properly and fully set up in the IT systems. Now it takes only two to three hours before they are connected to all systems they need to do their jobs.

Thanks to the new version, it will become much easier for DEVK to comply with access governance requirements. This is a high-priority topic for the insurance company. Garancy® IDM from Beta Systems offers the option of defining dedicated risk parameters and information for the various entities: groups, roles and users. Given this capability, DEVK is planning to introduce user classes once the new version is in place.