Starr International Co, INC, formerly known as Dazhong Insurance Co., Ltd., was registered and established by Starr Group in January 1995. In October 2013, Starr Property Insurance became one of the first insurance institutions approved to operate in the Shanghai Free Trade Zone. In 2017, it received an "A" Financial Strength Rating (FSR) and an issuer credit rating (ICR) of "a" from the internationally renowned rating agency A.M. Best. The company remains committed to the principles of prioritizing profitability, prudent operations, and coordinated development. It upholds the service purpose of reputation-based and serving the public, leveraging its industry experience accumulated over the years to establish itself as a leading financial insurance service provider in society.
Facing complex market and customer demands, Starr International Insurance places utmost importance on technological innovation as its top priority. With a global perspective, the company strategically expands its global footprint, striving for sustainable and robust development.
However, rapid growth poses three key challenges as a result of information silos among disparate systems within the organization:
·Lack of a robust identity management system and foundational system architecture that supports multiple authentication methods: The company lacks a comprehensive identity management system and a foundational system architecture that can accommodate various authentication methods. This poses difficulties in effectively managing user identities and access controls.
·Lack of integration among systems, resulting in the absence of a unified and standardized end-to-end system: The different systems within the organization are not interconnected, leading to the absence of a unified and standardized end-to-end system. This hinders the establishment of consistent and streamlined workflows across different processes.
·Absence of adequate auditing functionality to support security audits: The company lacks the necessary auditing capabilities to facilitate security audits. Without appropriate auditing functionality, it becomes challenging to track and monitor security-related events and activities, making it difficult to assess security measures effectively.
To elevate the level of information management, Starr International Insurance can implement a unified identity management system. This system will link various identity information from the human resources system to establish a centralized control of the organizational structure within the company. It will enable comprehensive lifecycle management of user accounts, from onboarding to job transfers and offboarding, without manual intervention. This will effectively alleviate the workload of IT operations and maintenance personnel.
Implementing AD domain single sign-on for desktops will allow users to access their accounts immediately upon booting up their computers. By integrating a unified identity authentication platform with the AD domain, users can simply log in to their Windows operating system using their domain account. After successful authentication, they can access the unified identity authentication system through a browser without the need for manual username and password input. This streamlined process enables users to quickly authenticate and access the system.
A robust auditing functionality will help implement traceable user management. By analyzing user account activities, including the addition and removal of roles, account deactivation, and activation, the system can generate comprehensive audit reports. The system can filter these reports based on the account of the operator, the time period, and the type of action performed, allowing for a traceable user management system.
These measures, including a unified identity management system, AD domain single sign-on, and comprehensive auditing functionality, will enhance the information management capabilities of Starr International Insurance. They will streamline user management, improve user experience, and ensure traceability and compliance in user activities.
User login scenario
Scenario 1: Internal users open their browser and enter the URL of the application system. If they are not logged in, they will be automatically redirected to the login page of the unified identity authentication platform. They will then enter their AD account and password for authentication. Once the authentication is successful, they will be directly redirected to the main interface of the application.
Scenario 2: Internal users open their browser and enter the URL of the unified identity authentication system. If they are not logged in, they will be automatically redirected to the login page of the unified identity authentication platform. They will then enter their AD account and password for authentication. Once the authentication is successful, they will enter the user interface of the unified identity authentication platform. From there, they can click on the icon of the application system to be redirected to the corresponding application system.
● Integrate Starr International Insurance's information systems to strengthen internal identity governance.
● Implement unified management of insurance customers to enhance service efficiency and capabilities.
● Enhance auditing to achieve traceable user management and significantly improve enterprise internal control and security.