Generali GC&C ensures its workforce, customers, and partners are secure in the cloud with Okta

11 core workforce apps

secured for 442 users with Okta SSO

825 users

using Okta MFA

80% reduction

in password reset requests from 50 a month down to 10 a month

20 days

of IT admin time and 3-5 days wait time for accessing apps is removed by Life Cycle Management for B2B partners

“Buying one system to solve all of your problems never works. You assess the options, select those that best fit your needs and integrate them. That can make for a complex structure, but Okta is the identity glue that holds all of these pieces of our business together.”

Yanna Winter,

CIO, Generali

Alt text.

Generali is one of the world’s largest and oldest insurance and asset management providers. Founded in 1831, it now has almost 66 million customers in 50 different countries. And, after spending years using lengthy manual processes across legacy on-premises infrastructure, Generali GC&C felt it was time to modernise and migrate to the cloud. But for a business of such size and complexity, making this move was not something that could be done over a weekend.

One solution for many considerations

In 2018, Yanna Winter, CIO of Generali Global Corporate and Commercial (GC&C) and Generali UK, embarked upon a six-year digital transformation plan. With so many customers  of varying sizes to consider, plus internal staff and external brokers, the company was faced with the tricky task of building a strategy that would serve everyone effectively. Yanna was also clear that any solution had to solve the problems the business was facing now, and also have the flexibility to scale up and address the business needs of the future — all while falling within budget.

“We needed a solution that could optimise our core focuses — innovation, multiple businesses, and expense,” says Yanna. “So, the questions we were asking of it included ‘can we evolve with the product we choose?’, ‘can it cope with a multi-tenant architecture?’ , ‘and does it have flexibility on pricing, to scale up and down as we need it to?’.

“Okta ticked every box for us. And it’s one of the most fundamental and important decisions we’ve made in our journey to the cloud. Okta has been the backbone of our decision-making process, bringing together the other crucial elements of our infrastructure”

Getting the right fit with vendor neutrality

For such a complex company structure, the fact that Okta is a vendor-neutral platform gave Yanna the flexibility to choose the best applications for her needs. “I describe our IT strategy as ‘divide, conquer and integrate’,” she explains. “Buying one system to solve all of your problems never works. You assess the options, select those that best fit your needs and integrate them. That can make for a complex structure, but Okta is the identity glue that holds all of these pieces of our business together.”

With such a complex structure to tend to, Generali GC&C had to be sure - once it had found the tools it needed - that it had a stable platform to use them with that would last for many years to come, particularly with regards to Identity and Access Management (IAM). Okta offers that stability, with identity consolidation that passes the stringent regulatory constraints in its industry.

Generali GC&C knew it needed to find a partner to support its migration, to ensure a smooth rollout, but it took a failed implementation with another vendor before it found the perfect match. “We had to parachute Atlas Identity in when we were halfway through the process with another vendor. Overnight, the Atlas team stepped in and took ownership of the problem. And they clearly cared about the broader picture - of how Okta would fit across the whole of our business. That was really refreshing.”

Starting with Single Sign-On

As Generali GC&C began the process of moving away from its legacy on-premises data centres and into the cloud, Okta Single Sign-On (SSO) was one of the first solutions that Generali GC&C leveraged. This secured around 11 core workforce apps for 442 users, including all of the company’s central services, such as JIRA, SharePoint and ServiceDesk, as well as Dun and Bradstreet for data and analytics.

With Okta in charge of the identity side of things, Generali GC&C can now respond to internal data requests within minutes, rather than three weeks. This not only cuts their data request times, it also boosts productivity.

“SSO simply wasn’t possible for us before we found Okta,” says Yanna. “It was seen as an insurmountable problem. People had multiple logins for multiple apps, which created a lack of productivity with people having to get in and out of applications about 50 times a day.”

But SSO was only one part of the puzzle in Generali GC&C’s move to the cloud. Okta’s Adaptive Multi-Factor Authentication (MFA) also proved key to ensuring the security of its apps, with 825 users enrolled in MFA. “Implementing Okta MFA was completely frictionless,” Yanna adds. “I say, that because I hardly knew it had happened. If it’s not on my desk, I know it’s gone smoothly, and Atlas Identity took care of everything, ensuring that our rollout didn’t cause any disruption.”

Enabling a secure client-facing online service

With the workforce side of the business secured, the next phase of the project involved Generali GC&C’s business to consumer portal. This was the first time Generali GC&C had offered an online service for its clients, so it was entirely new territory. Okta’s Enterprise Federation ensured a secure and seamless handover of all the apps its clients needed access to, while leaving all of the Customer Identity and Access Management (CIAM) heavy lifting to Okta. 

This was even more crucial with its B2B underwriting platform, Generisk. As this system is accessed by external brokers. Yanna wanted to ensure Generisk could be left to perform its core tasks, while leaving IAM to Okta.

“Generisk is a jewel in our crown, it’s our core platform,” Yanna says. “We ripped out our existing IAM components and implemented Okta in their place. That was so important because now Generisk can focus on being a specialist underwriting platform. Okta takes care of identity management so that Generisk doesn’t have to.”

Maximising Okta’s benefits business-wide

Generali GC&C has come a long way from the on-premises business it was. Now, just over three years into its six-year plan, Generali GC&C is looking to deepen its integrations with Okta. Leveraging deeper Lifecycle Management (LCM) automation is just one example.

Generali GC&C had initially been using LCM in a B2B scenario to grant its partners access to the applications they needed. Before Okta, an IT admin would have to grant access to these apps manually, resulting in partners waiting three to five days before access was granted. With Okta this is automated, meaning partners get access to what they need without the wait. This also eradicates 20 days of IT admin resource effort per year. 

Using LCM, Generali GC&C hopes to ensure that whatever access is granted to the various elements of its infrastructure - whether that’s a customer, colleague or partner organization - is provided in a timely, seamless fashion and that access is also revoked appropriately and automatically. “That’s the ambition,” says Yanna. “We’ve already started implementing LCM for some quick wins, but now we are moving into the second phase. We need to be careful and cautious in how we proceed, but the benefits to this approach could be huge.”

As for the longer-term future, Yanna is hopeful that the benefits that Okta has afforded her sector of the business can be rolled out and experienced elsewhere within the wider business. “Okta has been wonderful, one of most fundamental parts of this journey. The benefits of its implementation are really paying off. It has proven itself in GC&C, now it's time to start propagating that in some of the other business units too.”

Continue your Identity journey

Get hands on with the free trial today, or get in touch with our team to discuss your unique needs.