8/8/2019 25608 Penn Mutual Case Study Final

1/6

Microsoft Windows Server SystemCustomer Solution Case Study

Mutual Life Insurer SynchronizesIdentity Information Across Multiple

OverviewCountry or Region: United States

Industry: Insurance

Customer Profile

Penn Mutual is the nations second

oldest mutual life insurer. Founded

in 1847, the company provides life

insurance and annuities through a

national network of financial

professionals.

Business Situation

Penn Mutual wanted to automate

information management processes

and provide single sign-on access to

multiple systems available throughits portal, as well as increase portal

security.

Solution

Penn Mutual is using Microsoft

Identity Integration Server 2003

Enterprise Edition Service Pack 1 to

automatically aggregate user profile

information and synchronize that

information across multiple source

systems.

Benefits Greater administrative efficiencies

Better control of identity

information

Cost savings of 75 percent

MIIS 2003 SP1 has worked flawlessly frominception to help us simplify identity

management throughout our systems.Jeff Skalicky, Senior Enterprise Infrastructure Architect, Penn Mutual

The Penn Mutual Life Insurance Company, one of the

oldest mutual life insurers in the United States, was

using manual processes to manage identity data. This

was time consuming and didnt always ensure that

identities were updated consistently across the com-

panys different information source systems. By

implementing Microsoft Identity Integration Server

(MIIS) 2003 Enterprise Edition Service Pack 1 (SP1),

Penn Mutual has automated its identity information

tasks. MIIS 2003 SP1 aggregates user profile data from

multiple systems and synchronizes it to the organiza-

tions centralized directory, which ensures that identity

data is up-to-date. As a result of automating these

processes, Penn Mutual is reducing the cost of

managing identity information, decreasing help-desk

costs, and increasing the security of its internal portal

through role-based access control.

8/8/2019 25608 Penn Mutual Case Study Final

2/6

SituationFounded in 1847, the Penn Mutual

Life Insurance Company is

headquartered in Horsham,

Pennsylvania, just outside

Philadelphia. It is the second oldest

mutual life insurer in the United

States, with life insurance and annuity

products sold through a national

network of financial professionals. By

offering customers sophisticated

products and easy-to-understand

consumer materials, Penn Mutual

provides solid financial options to

meet clients immediate and future

needs.

Penn Mutual created an internal

portal, called Producers Place, to

provide an efficient way for field

representatives to access critical

business and customer information

online. In addition, field

representativeswhich include

independent and internal agents, fieldmanagers, and sales support staff

can access brokerage services

through Hornor, Townsend & Kent, a

wholly owned subsidiary of Penn

Mutual.

Access to data on the companys

secure portal was accomplished

through a client database. Active

Server Pages, which were managed

through a homegrown security

application, provided authentication

and authorization for the portal. TheActive Directory service, a

component of the Microsoft Windows

Server operating system, provided

the repository for user identity

information and authenticated

identities against the security

application.

At Penn Mutual, like in many

organizations, identity information

exists in many different data systems,

including human resources, payroll,

client management, distribution

management, and a third-party

solution used by external brokers and

dealers. The problem with multiple

information sources is the duplication

of identity information and the fact

that different directories can contain

conflicting identity information about

the same person or resource.

Penn Mutual had no way to

synchronize information among the

different source systems, except

through manual processes. Updates

to data in one information system, for

example, were not automatically

reflected in that same user account in

another system. Manually tracking

and keeping information currentacross all systems was time con-

suming, and there was always the

chance that something was missed.

This left users unsure whether the

information that they were viewing

was the most recent.

Penn Mutual wanted to replace

manual information update processes

with a solution that would aggregate

user profile information across

multiple information source systems.

IT administrators also wanted tosimplify information access by giving

users single sign-on capabilities and

some level of self-service such as the

ability to change passwords.

Achieving these goals would reduce IT

8/8/2019 25608 Penn Mutual Case Study Final

3/6

staff involvement in common tasks as

well as reduce help-desk calls.

SolutionThe IT group at Penn Mutual

evaluated several metadirectory

systems before selecting an identity

management solution. The group

looked at system costs, the ability to

support a variety of identity

repositories, and single sign-on

functionality, among other features.

Taking into account the fact that the

companys identity infrastructure was

built on Active Directory, Penn Mutual

selected Microsoft Identity Integration

Server (MIIS) 2003 Enterprise Edition

Service Pack 1 (SP1). Part of Microsoft

Windows Server System integrated

server software, MIIS 2003 SP1 offers

broad interoperability capabilities,

including integration with a range of

identity repositories, management

across multiple source systems, andthe ability to automatically detect

updates and share the changes

across systems.

IT administrators now can manage

user information across both the

Active Directory service and

Lightweight Directory Access Protocol

(LDAP) directories. For example, MIIS

2003 SP1 draws identity information

from the companys different source

systems, and then uses that

information to authenticate useraccess to the Producers Place portal.

By using MIIS to create a central

identity store, account managers now

can synchronize passwords across

multiple systems, providing common

logon information throughout

systems. It is no longer necessary to

use multiple systems to change user

names or passwords across all

systems.

MIIS 2003 SP1 has worked flawlessly

from inception to help us simplify

identity management throughout our

systems, states Jeff Skalicky, Senior

Enterprise Infrastructure Architect for

Penn Mutual. To enter the Producers

Place portal, all the user has to do is

type his or her user name and

password, and a Web service sends a

request to Active Directory by way of

our Web security system.

To solve the issues that resulted from

identity data residing in multiple

sources, Penn Mutual is using MIIS as

a new data store that is an aggregate

of information in these systems. By

combining the data for a specific

person or resource, it creates a singleentry that contains some or all of the

identity information from each

connected data source.

Think of MIIS as the bottom of a

funnel, says Greg Driscoll, Assistant

Vice President for Technology

Architecture at Penn Mutual, with

three or four source systems at the

top and MIIS at the bottom

incorporating all the information. MIIS

brings all the information together to

represent one data store thatprovides user roles as well as ensures

that records are updated.

The aggregated user profile provides

IT staff with different views and

Our ITadministrators havemore control ofidentity informationnow that we areusing MIIS to

manage the flow ofdata betweenconnected sourcesystems throughoutour enterprise.

Greg Driscoll, Assistant Vice President

for Technology Architecture, Penn

8/8/2019 25608 Penn Mutual Case Study Final

4/6

8/8/2019 25608 Penn Mutual Case Study Final

5/6

using MIIS to manage the flow of data

between connected source systems

throughout our enterprise, says

Driscoll.

Cost Savings of 75 Percent Compared

with Other Solutions

Because Penn Mutual was already

running Microsoft Windows Server

2003, the MIIS solution easily gained

approval. As Driscoll explains, When

compared with other metadirectory

products in the marketplace, this

solution cost approximately 75

percent less. Furthermore, it offers

advanced integration with Active

Directory, which we are using to

provide a single sign-on Web interface

as well as to give users the ability to

set and reset passwords across

multiple systems.

Faster Account Setup, 30 Percent Cut

in Help-Desk Password Resets

Tasks associated with the initial setupof user accounts presented one of the

greatest costs for the Penn Mutual

help deskto say nothing of the

frustrations involved in setting up

user accounts because they often

required multiple contacts. The easy-

to-use self-registration capabilities

enabled by MIIS are improving the

user experience, and, by leveraging

Active Directory, help-desk involve-

ment in password resets has declined

by as much as 30 percent, says

Skalicky.

Increased Portal Security Through

Access Control

MIIS 2003 SP1 is helping Penn Mutual

gain better portal security by

providing robust trust management,

reusability, and reporting tools, which

allows administrators to control

exactly what data is shared and with

whom. MIIS helps us make the portal

more secure because we have all the

data in aggregate now. We can rely

on that data to verify the identity of

someone who is registering, and then

provide or deny access accordingly,

Driscoll concludes.

The easy-to-useself-registrationcapabilities enabledby MIIS areimproving the userexperience, and, by

leveraging ActiveDirectory, help-deskinvolvement inpassword resets hasdeclined by as muchas 30 percent.

Jeff Skalicky, Senior Enterprise

8/8/2019 25608 Penn Mutual Case Study Final

6/6

Microsoft Windows ServerSystemMicrosoft Windows Server System is a

line of integrated and manageable

server software designed to reduce

the complexity and cost of IT.

Windows Server System enables you

to spend less time and budget on

managing your systems so that you

can focus your resources on other

priorities for you and your business.

For more information about Windows

Server System, go to:

www.microsoft.com/windowsserversy

stem

For More InformationFor more information about

Microsoft products and services, call

the Microsoft Sales Information

Center at (800) 426-9400. In

Canada, call the Microsoft Canada

Information Centre at (877) 568-

2495. Customers who are deaf or

hard-of-hearing can reach Microsoft

text telephone (TTY/TDD) services

at (800) 892-5234 in the United

States or (905) 568-9641 in Canada.

Outside the 50 United States and

Canada, please contact your local

Microsoft subsidiary. To access

information using the World Wide

Web, go to:

www.microsoft.com

For more information about the

Penn Mutual Life Insurance

Company, call (215) 956-8000 or

visit the Web site at:

www.pennmutual.com

2006 Microsoft Corporation. All rights reserved.This case study is for informational purposes only.MICROSOFT MAKES NO WARRANTIES, EXPRESS ORIMPLIED, IN THIS SUMMARY.Microsoft, Active Directory, the Windows logo,Windows Server, and Windows Server System areeither registered trademarks or trademarks ofMicrosoft Corporation in the United States and/orother countries. All other trademarks are property oftheir respective owners.

Document published February 2006

Software and Services Microsoft Windows Server System

Microsoft Windows Server 2003

Enterprise Edition

Microsoft Identity Integration

Server 2003 Enterprise Edition

Service Pack 1

Technologies

Active Directory

Hardware HP DL 380 server computers with

dual processors and 4 GB of RAM

http://www.microsoft.com/windowsserversystemhttp://www.microsoft.com/windowsserversystemhttp://www.microsoft.com/http://www.pennmutual.com/http://www.pennmutual.com/http://www.microsoft.com/http://www.pennmutual.com/http://www.microsoft.com/windowsserversystemhttp://www.microsoft.com/windowsserversystem