How this global company uses SSO and MFA to keep systems and data safe
Generali's headquarters is in Trieste, Italy.
For any organization, securing the systems that employees access is a significant challenge, but when it has to be done across many applications, as well as different countries and partners, it's an even bigger job.
"I always describe our business as a multi-dimensional puzzle," says Yanna Winter, chief information officer (CIO) for Generali Global Corporate and Commercial (GC&C) and Generali UK.
Yanna Winter, CIO of Generali.
Generali is one of the one of the largest insurance and asset management providers operating in the world today. Established in 1831, the Italian-headquartered company has staff in 50 countries and 75,000 employees worldwide.
"We're not only talking about internal users in one country, we also have Generali employees in multiple countries," Winter says.
"They have local systems for human resources and other tools – that's a complex setup in many countries. Then we have brokers in various countries. Then we have third parties that also sometimes need to have access to our systems," she adds.
Also: Reddit's phishing attack response is a lesson for everyone
But while many businesses suddenly had to shift towards a hybrid model without having planned for it in 2020, Generali was already examining a cloud-based approach to work over a year before that, so the company was in a good place to adapt to the new world of work.
"We think we were ahead of the curve," says Winter. "We don't have datacenters, everything is in the cloud. It's either software-as-a-service or platform-as-a-service."
For Generali, the shift towards hybrid work and cloud applications is based around several of the key pillars of cybersecurity, with one of the most important being identity -- in other words, the idea of being able to verify for certain that the person signing into cloud applications or services really is who they say they are.
That's achieved by using verification tools like single sign-on (SSO) -- a method of authentication whereby the user can sign into multiple different services with just one username and password, combined with multi-factor authentication (MFA), which requires a user to verify that it's really them trying to login by accepting an alert which arrives on a separate device to their computer, like their smartphone.
For Generali, this process is powered by Okta, the authentication and access software, something which Winter says provides users with a smooth, secure experience for logging in, while also providing a strong level of security for preventing unauthorized and potentially malicious activity.
"With the Okta solution, people can get in if they've identified and authenticated, and they can have access to the various systems. It's all about that user experience," says Winter.
"They're dealing with so much complexity, so many different systems that for them to have that smooth experience while being secure, it's paramount," she explains.
But while tools like this do provide additional barriers to cyber attacks and unauthorized account access, Generali also combines this with education and cybersecurity awareness schemes for its users.
Also: How LinkedIn massively cut the time it takes to detect security threats
It's all designed to help users do their jobs effectively, no matter where they are, while also being confident about being secure against threats to user accounts, cloud storage services, and any other location-sensitive data that is stored and accessed.
"People can do their job without worrying about trivialities around data, security, logins, workflow -- we're making all of this smooth," says Winter, who says a hybrid model based on SSO and MFA has helped improved efficiency throughout the company.
"We've achieved very big productivity gains by people not needing to remember multiple passwords and logging in and out of systems," she explains.
And for Generali, being able to trust employees to securely work wherever they are isn't just bringing benefits to data security. It's also something which makes the company an appealing place to work, especially when the ability to work remotely has become a high priority for many people.
"Now it's one of the ways to attract talent. Because if you're a young graduate, would you go to a place operating on good old-fashioned pen and paper? Or would you go to a place where you have the applications, data, and the advanced analytics?" says Winter. "That very smooth user experience across complex systems, it's amazing."