Insurance Services Firm Enables Rapid Disaster Claim Response with Identity Management

When there is a natural disaster or other catastrophic event, insurance carriers need adjusters to go out on site, and this service provider deploys them. Among the largest suppliers of claims adjusters to insurance companies for natural disasters, it does everyday business property and casualty (P&C) claims as well.

“We ensure claims adjusters are trained, maintain their certification, keep them on a roster, and deploy them to different events as the need arises. So an insurance carrier makes a request to us and then we send those people out,“ says the Director of Technology at the company.

Challenges
“We have over 90 custom web apps used on a daily basis by managers and adjusters to do very specific tasks, such as sending an invoice for approval to a manager, tracking ladder kits for climbing up on a roof, tons of different applications. Each app had its own authentication built in, slowing response time and efficiency. As they log in, we have to track that user throughout all of those applications back to a central location,” says the Software Development Lead at the firm.

There are two groups of computer users at the company: corporate office employees, all in Active Directory (AD) who use standard cloud apps like ServiceNow, Box, Slack and Zendesk, as well as internally-developed company apps. The other group consists of tens of thousands of field-based claims adjusters, which are maintained in an on-premises company database.

The company had a homegrown solution to authenticate adjusters, but it wasn’t designed for and struggled to keep pace with emerging security standards. Compliance needs called for the use of a secure authentication method, SAML being foremost among them. With a strong software development staff itself, it investigated building its own solution, and considered several identity access and management (IAM) vendors.

Solution
“With our own solution we would have to maintain it, keep up with the latest standards, feature requests and more. Or find a vendor who specializes in it. Our investigation led us to OneLogin, as it was well respected in the SAML community,” says the director.

“For the standard cloud apps our employees use, they all have pre-built integration support for OneLogin, so it was very easy to set up. We’ve consolidated all of those to log into one central portal. But 98% of our apps are internal, and we wrote them all. We have 100 apps authenticating with OneLogin now, and all the code work and testing involved, and then flipping the switch and communicating with the business—because we have thousands of active users—setting that up and the infrastructure was an incredibly arduous process,” explains the development lead.

“A lot of adjusters are on standby waiting for us to deploy them. Once we do, they were having to re-log in, because with the various carriers, there were different domains that adjusters were logging into. They had to re-authenticate every time they switched context or app, whatever the next app they had to log into. This was incredibly burdensome when you’re out in the field, working 12-hour days in the aftermath of a natural disaster. One of the greatest benefits to adjusters is that now with OneLogin, they only need to login once a day. And the user interface is great. For as wide-ranging and as change-averse as field adjusters are, getting everybody on board was as painless as it could have been,” states the development lead.

SSO and APIs for User Management
When someone makes a request to a company application, and they're not authenticated, the app redirects them to OneLogin to request that specific app. The username is served up by the SAML assertion, then it populates the roles and permissions necessary, resulting in granting the user the right access.

“We use the OneLogin API, because we have our own user management tools, and it’s working really well. We are able to go into OneLogin and remove the roles for a person. In the same way, if this is a new person that is just gaining access to it, we go ahead and give them access in OneLogin, keeping it all synced,” says the development lead.

Results
“The benefits of having our users in a central portal have been great. Providing a valid personal email address that adjusters can use to reset their password and get invites to the application has been a great help for us. We can now use an API to get them quickly to where the need is, and authenticate into different apps,” says the director.

Insight into User Activity
“OneLogin has given us every tool we need to manage everything about our users. The activity reports, with customization options and notifications are the best feature we've seen so far. The greatest thing we’ve seen is the Splunk integration with the activity tab--seeing when someone failed authentication, what apps that they're logging into, when someone assumed them, and then what apps they went to when they assumed them,” explains the development lead.

He continues, “We were looking for granularity, to specify or restrict certain roles and apps. It’s saved us from having to develop our own site. Being able to run reports on all of the activity of people was something we never had the ability to do. In sum, OneLogin did everything that we wanted it to do--and more.”

“One of the biggest problems we have in software development is around user requests -- because we didn't have all the information, users were dissatisfied with the results. But OneLogin has helped us get that information by seeing each step in their day-to-day process, and times. For the development and support organization, that's been singularly the greatest thing that's come out of this,” says the development lead.

Rapid Response, Better Business
“Previously, we had handled all of our mass email needs internally, but it was proving more difficult and time consuming. Through OneLogin’s platform we were able to consolidate all of our sites that use logins into a one-stop shop. This made our entire system more secure and reliable. Two of our most important priorities are the ability to reach our workforce efficiently and to provide a secure network. OneLogin’s platform makes this easier and more manageable,“ observes the director.

Why OneLogin?
OneLogin brings speed and integrity to the modern enterprise with an award-winning single sign-on and identity management platform. Our portfolio of solutions secure connections across all users, all devices and every application, helping enterprises drive new levels of business integrity and operational velocity across their entire app portfolios.