SUCCESS STORY
IAM with structure and strategy
Why CSS relies on NEXIS 4 as its platform for modern role management
Industry: Health insurance
Company size: ~ 3,600 internal and external employees
Location: Luzern, Switzerland
About Customer:
As part of its identity management, CSS administers around 13,500 authorisations and manages around 5,000 digital identities, including technical, test and training accounts. The company has been using the NEXIS 4 identity governance and administration solution since 2019. Currently, CSS has mapped around 3,300 productive roles in NEXIS 4.
Challenge
CSS faced the task of integrating a large number of heterogeneous target systems into its existing IAM system (NetIQ), including around 30 core applications and 15 smaller applications, each with its own requirements. Because attribute names differed between systems, thorough data cleansing was essential. Complex systems such as SAP also required special solutions for non-standardised authorisation logic. At the same time, the highest security requirements had to be met: only roles that complied with the CIA principle (confidentiality, integrity, availability), a central security requirement in authorisation management, could be requested, so that the security and compliance requirements of the regulatory standards in the Swiss insurance industry were met. Replacing the manual recertification processes, which previously took up to five months, was particularly urgent.
- Heterogeneous systems with individual attribute logics
- High effort due to manual recertifications
- Strict security and compliance requirements

Solution
In order to efficiently integrate the target systems and reliably implement governance requirements, CSS decided to use NEXIS 4. The platform impressed with its ability to harmonise heterogeneous data sources via plugins and standardise complex attribute structures across systems. Together with Nexis, individual export plugins were developed to prepare and distribute IAM-relevant information in a targeted manner. At the same time, a role-based authorisation model with automated workflows was implemented. Today, around 90% of productive authorisations are covered by roles – including technical validation of security-related requirements. The recertification campaigns, which were previously carried out manually, have been completely digitised and significantly accelerated.
- Standardisation via cross-system attribute plugins
- Export mechanisms for customised data distribution
- Automated recertification and role processes
Project approach

With NEXIS 4, we have not only automated our processes, but also created genuine transparency – across systems, roles and authorisations. The implementation was structured, solution-oriented and technically on par. NEXIS 4 has noticeably reduced our daily workload.
- Luca Schär, Identity- und Access Administrator, CSS
Success
With the introduction of NEXIS 4, CSS was able to optimise its authorisation management in the long term – both organisationally and technically. The platform not only enabled the automation of previously manual processes, but also significant scaling, better data quality and noticeably improved compliance. Role models, system access and recertifications are now structured, audit-proof and efficient.
- Time savings: Reduction in recertification time from five months to eight weeks
- More transparency and traceability: 90% of permissions covered by a role-based model
- User-friendly handling: Enabling independent access management for all employees
- Audit-ready: Ensuring compliance through automated and traceable processes
- User Lifecycle Management: NEXIS 4 impressed as a lifecycle management tool, which will enable joiner, mover and leaver processes to be mapped more effectively in future