Destined for success together

Zürich, 22.11.2010 – Reference IG B2B

With BrokerGate®, a central platform simplifying electronic business communications, the association IG B2B has ushered in a new era in data transfer between brokers and insurers in Switzerland. No less than 13 Swiss insurers and more than 800 brokers have already joined the BrokerGate® identity platform in 2014. As the association’s software partner, Ergon ensures maximum security, using the Airlock web application firewall in conjunction with the Airlock IAM authentication platform; these programs monitor all connection requests and prevent unauthorised access.

The Zurich-based IG B2B for Insurers + Brokers (IG B2B) association was founded in 2003 as a syndicate, striving to simplify electronic business communications between insurance brokers and insurers by creating national standards for business processes, digital documents and data exchange for all core processes. The BrokerGate® identity platform, which has been in operation since spring 2010, was created for the broker market by IG B2B as part of this undertaking; it is a platform via which the many brokerage companies registered in Switzerland can register with the various insurance brokers portals and identify themselves categorically with a single login.

«The great thing about this project is that the needs of different and competing companies can all be addressed at once thanks to a simplified login procedure accessing the central identity platform», explains Peter Kleinert, IG B2B’s chairman, enthusiastically.

Experienced partners at work

The project launch was in April 2009 and work was completed a year later, with IG B2B receiving support from a number of specialist companies in bringing it to fruition. In&Out AG took care of the solution concept and IT project management (as a vendor-neutral consultancy company, In&Out worked up the concepts, provided support for the evaluation of additional project partners and coordinated the various implementation phases) while Ergon was chosen as software partner on the strength of its experience and expertise in developing secure web applications: The Airlock Suite, a combination of the Web Application Firewall Airlock WAF and Airlock IAM produced the perfect solution to protect the platform. Aspectra AG is involved with the project as the operator of the information and communications platform while the cooperation of Zurich Insurance Company, which came on board as a pilot user, has also played a crucial role.

Effective protection from misuse

The participating insurers and brokers were involved in identifying solutions throughout the entire process (ensuring that the needs of both brokers and insurers were addressed completely) while the IdP made things considerably simpler for both sides: brokers now need only a single token to register and, after a one-time authentication process, users have access to all the participating brokerage portals using the single sign-on system. Administration of users and tokens takes insurers less time and increased traffic through the brokerage portals also improves efficiency in processing business transactions in general. The IdP standardises access to the insurers systems without restricting differentiation.

As such web applications require comprehensive protection as a matter of course-they will otherwise soon become the target of choice for external attackers-the security strategy has to meet the highest standards. Peter Kleinert explains: «A platform like this is per se extremely exposed and thus has to be specially safeguarded. So of course it was obvious to us that we wanted to give the IdP the best possible protection from unauthorised access or even attack, first with upstream security functionality in the shape of a web application firewall and then with a strong authentication solution. In this respect it was crucially important for us to have a skilled partner at our side who could provide the necessary expertise in security matters, had an enviable track record in implementing such solutions and in whom you can place your trust unreservedly; Ergon was just the ticket.»

Airlock Suite as the central hub

Ever since the Airlock Suite has been in operation for IG B2B, all requests for access to the identity platform have been monitored and filtered 24/7 on a variety of different levels: Airlock WAF protects against web attacks (e.g. XSS or script injection) while IAM handles strong authentication of users and single sign-on for the insurers using the SAML standard protocol; only those users that have been able to identify themselves successfully via accepted and authorised connections are admitted. Unauthorised access or even attempts at manipulating the platform are automatically identified and blocked in fractions of a second using special filter algorithms that have been tailored to the login application. In the event of a fault, the session is terminated and the user is logged out for security reasons.

Peter Kleinert sums this up approvingly: «So far, things have worked out exceptionally well with the Airlock Suite and they have managed to meet all our expectations. As far as we’re concerned, the greatest advantages of Ergon’s solutions include their adaptability, the standardised connectivity options for new applications and peripherals, their modularity and their scalability. This project has clearly demonstrated that a well thought-out architecture and a wise choice of products and partners is the route to success.»