Ansheng Tianping Property Insurance Co., Ltd. ("Ansheng Tianping") is a wholly-owned subsidiary of AXA Group in China. AXA Group is headquartered in Paris, France and is one of the world's leading insurance and asset management groups. It has been ranked as the global number one insurance brand for 10 consecutive years and is listed as the 46th on the Fortune Global 500 list. AXA Group is also one of the oldest companies among the Fortune 500.
Ansheng Tianping has always been committed to offering comprehensive and customized high-quality products and services to over 3.3 million individual and commercial customers in China. With a consumer-centric approach and a corporate vision of transitioning from a claims payer to a companion, the company integrates technology and innovative distribution channels to protect and support every aspect of customers' daily lives.
As Ansheng's business systems continue to expand and the user base grows, the existing information security model is no longer able to meet the increasingly complex information security needs.
-The traditional single-factor authentication method has a lower security certification level, making it vulnerable to risk intrusion.
-There is a lack of unified management standards among different systems, and the presence of zombie account and orphan accounts requires governance.
-The lack of uniform employee login credentials with multiple sets of IDs and passwords reduces work efficiency and hinders compliance with security auditing, making it difficult to trace risky behavior.
-Employees have a subpar self-service experience and rely on IT operations personnel for provisioning, leading to a heavy workload and potential for oversight and errors in operations.
Upgrade Information security
To fulfill the access security and audit compliance needs of Ansheng's information technology infrastructure, Paraview is collaborating with Ansheng to establish a Multi-Factor Authentication (MFA) platform. This platform will enable a higher level of security for identity verification and enhance system access security.
▲Functional Architecture Planning of Paraview MFA Multifactor Authentication Platform
▍Multiple authentication methods, comprehensive security protection
Paraview Multi-Factor Authentication (MFA) platform provides Ansheng with a diverse range of login authentication methods. By incorporating various user roles, network types, and device types, it establishes multi-dimensional and multi-tiered login security policies. This comprehensive approach aims to safeguard Ansheng's identity security comprehensively, ensuring protection from all potential security threats.
▍Integrated AD domain, centralized account management
Paraview MFA system seamlessly integrates with Ansheng's Active Directory (AD) identity system, enabling efficient management of user account lifecycles and password synchronization. This integration streamlines the workflow for IT operations personnel, reducing their workload. Automatic password synchronization from AD to end-user devices ensures a closed-loop authentication process, enhancing the overall security of Ansheng's information infrastructure.
▍Abnormal risk detection to improve early warning capabilities
Leveraging predefined risk policies, the Paraview MFA system autonomously detects risk factors and evaluates their severity during the login process. It dynamically assigns the corresponding level of identity authentication methods to address these risks. By utilizing warning notifications, access blocking, non-operation triggers, and secondary authentication, the system effectively intercepts abnormal login attempts to thwart potential threats. This proactive risk warning capability significantly enhances Ansheng's ability to anticipate and respond to risks in complex network environments.
▍Secondary strong authentication to ensure system access security
Paraview MFA system incorporates a robust second-factor authentication strategy for Ansheng's enterprise user logins. This strategy takes into consideration the user's environment, the applications being accessed, and their account roles. It triggers the appropriate level of second-factor authentication based on these factors, ensuring the security of system access. Additionally, higher-level second-factor authentication methods are configured for privileged accounts, providing an extra layer of protection. This customized approach aligns with industry best practices and enhances Ansheng's overall security posture.
▍Access behavior audit, behavior traceability
Paraview MFA system performs thorough auditing of user login activities, meticulously capturing user account authentication, access, and changes. Detailed reports are generated and presented to IT operations personnel. With its proactive warning capabilities, the system promptly identifies any abnormal behaviors. It also enables post-incident traceability, allowing for quick identification of responsible individuals and preventing any attempts to deny or evade accountability. These robust auditing capabilities meet the security audit requirements of the enterprise, ensuring comprehensive monitoring and maintaining a high level of security.