Upload
gaurav-bagga
View
216
Download
0
Embed Size (px)
Citation preview
8/8/2019 25608 Penn Mutual Case Study Final
1/6
Microsoft Windows Server SystemCustomer Solution Case Study
Mutual Life Insurer SynchronizesIdentity Information Across Multiple
OverviewCountry or Region: United States
Industry: Insurance
Customer Profile
Penn Mutual is the nations second
oldest mutual life insurer. Founded
in 1847, the company provides life
insurance and annuities through a
national network of financial
professionals.
Business Situation
Penn Mutual wanted to automate
information management processes
and provide single sign-on access to
multiple systems available throughits portal, as well as increase portal
security.
Solution
Penn Mutual is using Microsoft
Identity Integration Server 2003
Enterprise Edition Service Pack 1 to
automatically aggregate user profile
information and synchronize that
information across multiple source
systems.
Benefits Greater administrative efficiencies
Better control of identity
information
Cost savings of 75 percent
MIIS 2003 SP1 has worked flawlessly frominception to help us simplify identity
management throughout our systems.Jeff Skalicky, Senior Enterprise Infrastructure Architect, Penn Mutual
The Penn Mutual Life Insurance Company, one of the
oldest mutual life insurers in the United States, was
using manual processes to manage identity data. This
was time consuming and didnt always ensure that
identities were updated consistently across the com-
panys different information source systems. By
implementing Microsoft Identity Integration Server
(MIIS) 2003 Enterprise Edition Service Pack 1 (SP1),
Penn Mutual has automated its identity information
tasks. MIIS 2003 SP1 aggregates user profile data from
multiple systems and synchronizes it to the organiza-
tions centralized directory, which ensures that identity
data is up-to-date. As a result of automating these
processes, Penn Mutual is reducing the cost of
managing identity information, decreasing help-desk
costs, and increasing the security of its internal portal
through role-based access control.
8/8/2019 25608 Penn Mutual Case Study Final
2/6
SituationFounded in 1847, the Penn Mutual
Life Insurance Company is
headquartered in Horsham,
Pennsylvania, just outside
Philadelphia. It is the second oldest
mutual life insurer in the United
States, with life insurance and annuity
products sold through a national
network of financial professionals. By
offering customers sophisticated
products and easy-to-understand
consumer materials, Penn Mutual
provides solid financial options to
meet clients immediate and future
needs.
Penn Mutual created an internal
portal, called Producers Place, to
provide an efficient way for field
representatives to access critical
business and customer information
online. In addition, field
representativeswhich include
independent and internal agents, fieldmanagers, and sales support staff
can access brokerage services
through Hornor, Townsend & Kent, a
wholly owned subsidiary of Penn
Mutual.
Access to data on the companys
secure portal was accomplished
through a client database. Active
Server Pages, which were managed
through a homegrown security
application, provided authentication
and authorization for the portal. TheActive Directory service, a
component of the Microsoft Windows
Server operating system, provided
the repository for user identity
information and authenticated
identities against the security
application.
At Penn Mutual, like in many
organizations, identity information
exists in many different data systems,
including human resources, payroll,
client management, distribution
management, and a third-party
solution used by external brokers and
dealers. The problem with multiple
information sources is the duplication
of identity information and the fact
that different directories can contain
conflicting identity information about
the same person or resource.
Penn Mutual had no way to
synchronize information among the
different source systems, except
through manual processes. Updates
to data in one information system, for
example, were not automatically
reflected in that same user account in
another system. Manually tracking
and keeping information currentacross all systems was time con-
suming, and there was always the
chance that something was missed.
This left users unsure whether the
information that they were viewing
was the most recent.
Penn Mutual wanted to replace
manual information update processes
with a solution that would aggregate
user profile information across
multiple information source systems.
IT administrators also wanted tosimplify information access by giving
users single sign-on capabilities and
some level of self-service such as the
ability to change passwords.
Achieving these goals would reduce IT
8/8/2019 25608 Penn Mutual Case Study Final
3/6
staff involvement in common tasks as
well as reduce help-desk calls.
SolutionThe IT group at Penn Mutual
evaluated several metadirectory
systems before selecting an identity
management solution. The group
looked at system costs, the ability to
support a variety of identity
repositories, and single sign-on
functionality, among other features.
Taking into account the fact that the
companys identity infrastructure was
built on Active Directory, Penn Mutual
selected Microsoft Identity Integration
Server (MIIS) 2003 Enterprise Edition
Service Pack 1 (SP1). Part of Microsoft
Windows Server System integrated
server software, MIIS 2003 SP1 offers
broad interoperability capabilities,
including integration with a range of
identity repositories, management
across multiple source systems, andthe ability to automatically detect
updates and share the changes
across systems.
IT administrators now can manage
user information across both the
Active Directory service and
Lightweight Directory Access Protocol
(LDAP) directories. For example, MIIS
2003 SP1 draws identity information
from the companys different source
systems, and then uses that
information to authenticate useraccess to the Producers Place portal.
By using MIIS to create a central
identity store, account managers now
can synchronize passwords across
multiple systems, providing common
logon information throughout
systems. It is no longer necessary to
use multiple systems to change user
names or passwords across all
systems.
MIIS 2003 SP1 has worked flawlessly
from inception to help us simplify
identity management throughout our
systems, states Jeff Skalicky, Senior
Enterprise Infrastructure Architect for
Penn Mutual. To enter the Producers
Place portal, all the user has to do is
type his or her user name and
password, and a Web service sends a
request to Active Directory by way of
our Web security system.
To solve the issues that resulted from
identity data residing in multiple
sources, Penn Mutual is using MIIS as
a new data store that is an aggregate
of information in these systems. By
combining the data for a specific
person or resource, it creates a singleentry that contains some or all of the
identity information from each
connected data source.
Think of MIIS as the bottom of a
funnel, says Greg Driscoll, Assistant
Vice President for Technology
Architecture at Penn Mutual, with
three or four source systems at the
top and MIIS at the bottom
incorporating all the information. MIIS
brings all the information together to
represent one data store thatprovides user roles as well as ensures
that records are updated.
The aggregated user profile provides
IT staff with different views and
Our ITadministrators havemore control ofidentity informationnow that we areusing MIIS to
manage the flow ofdata betweenconnected sourcesystems throughoutour enterprise.
Greg Driscoll, Assistant Vice President
for Technology Architecture, Penn
8/8/2019 25608 Penn Mutual Case Study Final
4/6
8/8/2019 25608 Penn Mutual Case Study Final
5/6
using MIIS to manage the flow of data
between connected source systems
throughout our enterprise, says
Driscoll.
Cost Savings of 75 Percent Compared
with Other Solutions
Because Penn Mutual was already
running Microsoft Windows Server
2003, the MIIS solution easily gained
approval. As Driscoll explains, When
compared with other metadirectory
products in the marketplace, this
solution cost approximately 75
percent less. Furthermore, it offers
advanced integration with Active
Directory, which we are using to
provide a single sign-on Web interface
as well as to give users the ability to
set and reset passwords across
multiple systems.
Faster Account Setup, 30 Percent Cut
in Help-Desk Password Resets
Tasks associated with the initial setupof user accounts presented one of the
greatest costs for the Penn Mutual
help deskto say nothing of the
frustrations involved in setting up
user accounts because they often
required multiple contacts. The easy-
to-use self-registration capabilities
enabled by MIIS are improving the
user experience, and, by leveraging
Active Directory, help-desk involve-
ment in password resets has declined
by as much as 30 percent, says
Skalicky.
Increased Portal Security Through
Access Control
MIIS 2003 SP1 is helping Penn Mutual
gain better portal security by
providing robust trust management,
reusability, and reporting tools, which
allows administrators to control
exactly what data is shared and with
whom. MIIS helps us make the portal
more secure because we have all the
data in aggregate now. We can rely
on that data to verify the identity of
someone who is registering, and then
provide or deny access accordingly,
Driscoll concludes.
The easy-to-useself-registrationcapabilities enabledby MIIS areimproving the userexperience, and, by
leveraging ActiveDirectory, help-deskinvolvement inpassword resets hasdeclined by as muchas 30 percent.
Jeff Skalicky, Senior Enterprise
8/8/2019 25608 Penn Mutual Case Study Final
6/6
Microsoft Windows ServerSystemMicrosoft Windows Server System is a
line of integrated and manageable
server software designed to reduce
the complexity and cost of IT.
Windows Server System enables you
to spend less time and budget on
managing your systems so that you
can focus your resources on other
priorities for you and your business.
For more information about Windows
Server System, go to:
www.microsoft.com/windowsserversy
stem
For More InformationFor more information about
Microsoft products and services, call
the Microsoft Sales Information
Center at (800) 426-9400. In
Canada, call the Microsoft Canada
Information Centre at (877) 568-
2495. Customers who are deaf or
hard-of-hearing can reach Microsoft
text telephone (TTY/TDD) services
at (800) 892-5234 in the United
States or (905) 568-9641 in Canada.
Outside the 50 United States and
Canada, please contact your local
Microsoft subsidiary. To access
information using the World Wide
Web, go to:
www.microsoft.com
For more information about the
Penn Mutual Life Insurance
Company, call (215) 956-8000 or
visit the Web site at:
www.pennmutual.com
2006 Microsoft Corporation. All rights reserved.This case study is for informational purposes only.MICROSOFT MAKES NO WARRANTIES, EXPRESS ORIMPLIED, IN THIS SUMMARY.Microsoft, Active Directory, the Windows logo,Windows Server, and Windows Server System areeither registered trademarks or trademarks ofMicrosoft Corporation in the United States and/orother countries. All other trademarks are property oftheir respective owners.
Document published February 2006
Software and Services Microsoft Windows Server System
Microsoft Windows Server 2003
Enterprise Edition
Microsoft Identity Integration
Server 2003 Enterprise Edition
Service Pack 1
Technologies
Active Directory
Hardware HP DL 380 server computers with
dual processors and 4 GB of RAM
http://www.microsoft.com/windowsserversystemhttp://www.microsoft.com/windowsserversystemhttp://www.microsoft.com/http://www.pennmutual.com/http://www.pennmutual.com/http://www.microsoft.com/http://www.pennmutual.com/http://www.microsoft.com/windowsserversystemhttp://www.microsoft.com/windowsserversystem