
SUCCESS STORY

MAN FINANCIAL SERVICES
LEAN AUTHORISATION STRUCTURES THROUGH BUSINESS ROLE MODELLING

Secure and lean Identity and Access Management (IAM) is becoming increasingly significant in companies. A huge number of access authorisations have to be managed securely in line with the laws and regulations, and daily changes caused by employees entering the system for the first time, changing departments or offboarding have to be mapped quickly and automatically at the same time. As a financing company, MAN Financial Services (MAN FS) is subject to strict regulatory requirements and, amongst others, must be able at all times to verify which people in the company have which authorisations. To conform to these requirements, MAN FS has introduced the standard solution NEXIS 4 by which the access rights can be modelled as manageable business roles according to the minimum principle and considering existing SoD (segregation of duty) rules.

As a financing company, MAN Financial Services supports the customers of MAN Truck & Bus and thus the sales volume of the commercial vehicle manufacturer as well. The MAN Financial Services service portfolio includes local and international finance, leasing and insurance solutions for MAN Truck & Bus commercial vehicles. MAN Financial Services is a subsidiary of Volkswagen Leasing GmbH at the Munich site. Since 2014, MAN Financial Services has been part of Europe’s largest automotive financial services company, Volkswagen Financial Services AG, and thus one of the companies forming the Volkswagen Group.

THE PROJECT GOAL: BUNDLING THE AUTHORISATIONS

MAN FS wants to implement IAM processes that can fully meet all regulatory requirements.

Business role modelling should make it easier to grant authorisations to individual employees, groups of employees or whole departments. Furthermore, with the help of embedded SoD rules, it should be possible at all times to guarantee the segregation of duties (SoD controls) for authorisations that the regulations require.


Remark by MAN FS: “We’re one of the winners!”

“Within the VW corporation, we took part in a global IT project competition with this project in 2020. The projects that qualified to participate were assessed by internal experts based on relevance, duration, scope and ultimately, of course, success. Despite the regulatory theme of our project in the midst of projects on optimisation and increasing cost efficiency, our clear approach won us third place out of over 64 projects submitted,” says Alexander Rosener.

A young company with high expertise. Professional cooperation based on partnership according to the principle of customers becoming colleagues!

THE SOLUTION FOR MAN FS: PROOF OF CONCEPT

So far, MAN FS had not used a technical solution for existing IAM processes.

The intention was not to implement a heavyweight system; value was placed on a “light”, flexible solution that could use workflows to automatically map the very sophisticated authorisation processes that were already in place. After a PoC (Proof of Concept), NEXIS 4 proved to be a perfect solution for modelling, managing and monitoring business roles according to the minimum principle, as required by the German Federal Financial Supervisory Authority (BaFin). This meant that all departments could be provided with business roles within a short space of time. Apart from mapping approval processes for roles, suitable SoD rules were also defined and stored for automated testing.


For the start of the joint project, the project team established basic concepts for the simplification and automation of the authorisation structures:

  • Grouping the authorisations for employees and departments into business roles based on authorisation analyses and interviews. The modelling and collection of the important information takes place directly in NEXIS 4, which meant that the laborious management of roles using Excel tables could be avoided.

  • Defining SoD rules for the newly modelled business roles. Because NEXIS 4 groups the authorisations automatically, compliance of over 15,000 authorisations could be controlled with a handful of SoD rules. Compensatory measures and special authorisations were also recorded in NEXIS 4. The software thus became the central management system for SoD violations and their recertification.

  • Initial approval and set-up of semi-annual recertifications of the business roles in NEXIS 4. The employees responsible therefore receive regular and fully automatic invitations to recertify including instructions with pictures and access to a user interface that is easy to use.

  • Automated support regarding the approval of new business roles or changes in existing roles with the help of the workflow engine. Here, all the necessary company divisions, from the departments to IT, will be integrated without any media discontinuity.

  • Fully automatic data exchange with the ticket system used at MAN FS to grant and remove roles with the help of the NEXIS 4 REST API.
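The role bundling and SoD checking described in the steps above, as an added illustration that is not NEXIS 4 code or MAN FS configuration: authorisations are grouped into business roles, users hold roles, a small set of SoD rules is evaluated against each user's effective authorisations, and a recorded compensating measure turns a hard violation into an accepted exception. All role, authorisation, user and rule names are constructed samples.

```python
# Added example, not NEXIS 4 code: SoD checks over a business role model.
# Authorisations are bundled into business roles, users hold roles, and a few
# SoD rules (authorisation pairs one person must not hold together) are checked
# against each user's effective authorisations; a recorded compensating control
# turns a hard violation into an accepted exception. All names are constructed.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class SodRule:
    name: str
    left: str    # first conflicting authorisation
    right: str   # second conflicting authorisation


@dataclass
class RoleModel:
    roles: dict[str, frozenset[str]]  # business role -> authorisations
    assignments: dict[str, set[str]]  # user -> business roles held
    rules: list[SodRule]
    compensations: set[tuple[str, str]] = field(default_factory=set)  # (user, rule)

    def effective_authorisations(self, user: str) -> frozenset[str]:
        """Flatten a user's roles into the authorisations they actually hold."""
        return frozenset().union(*(self.roles[r] for r in self.assignments.get(user, ())))

    def violations(self, user: str) -> list[tuple[str, str]]:
        """(rule name, 'violation' | 'compensated') for every rule the user breaks."""
        held = self.effective_authorisations(user)
        return [(r.name, "compensated" if (user, r.name) in self.compensations else "violation")
                for r in self.rules if r.left in held and r.right in held]

    def conflicting_roles(self) -> list[tuple[str, str]]:
        """Design check: a role bundling both halves of a rule can never be held cleanly."""
        return [(role, r.name) for role, auths in self.roles.items()
                for r in self.rules if r.left in auths and r.right in auths]


# Constructed sample: three clean roles, one badly designed role, two SoD rules.
MODEL = RoleModel(
    roles={"ACCOUNTS_PAYABLE": frozenset({"INVOICE_CREATE", "VENDOR_VIEW"}),
           "PAYMENT_RELEASE": frozenset({"PAYMENT_APPROVE", "VENDOR_VIEW"}),
           "VENDOR_ADMIN": frozenset({"VENDOR_CREATE", "VENDOR_VIEW"}),
           "FINANCE_ALL": frozenset({"INVOICE_CREATE", "PAYMENT_APPROVE"})},
    assignments={"alice": {"ACCOUNTS_PAYABLE", "PAYMENT_RELEASE"},
                 "bob": {"VENDOR_ADMIN"}, "carol": {"VENDOR_ADMIN", "PAYMENT_RELEASE"}},
    rules=[SodRule("AP_VS_RELEASE", "INVOICE_CREATE", "PAYMENT_APPROVE"),
           SodRule("VENDOR_VS_PAYMENT", "VENDOR_CREATE", "PAYMENT_APPROVE")],
    compensations={("carol", "VENDOR_VS_PAYMENT")},  # e.g. a documented four-eyes check
)
```

Running `MODEL.violations(user)` for each user and `MODEL.conflicting_roles()` once gives the two views a recertification would need: who currently breaks a rule (and whether that break is an accepted exception), and which roles are mis-designed regardless of who holds them.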

DESIGN: SIMPLIFICATION AND AUTOMATION

TECHNICAL IMPLEMENTATION: CONNECTING DATA SOURCES

All the data sources relevant for role modelling were connected within a few hours with the help of the standard connectors of NEXIS 4 (SQL, LDAP and SAP are used in the project). SoD rules and workflows for processing business roles were fully configured in NEXIS 4. The integrated REST API is used in the project to implement the interface to the ticket system, so that roles can be granted and removed via tickets.
