Secure email communication at Allianz Suisse

The finance and insurance industries entered the Internet Age long ago. Paper has been largely replaced by electronic documents and personal and financial data is generally no longer sent by post or fax, but rather by email. These confidential communications require security measures that meet both employee and customer needs and support efficient work flows. Driven by these requirements, Allianz Suisse decided to implement a centralized encryption solution.

Confidential and Forgery-proof Email Communication

Allianz Suisse is in constant contact with insurance brokers which requires the frequent transfer of personal and financial data. Previously, the information was transferred in paper form. Although managers and employees were aware of the security risks there was no suitable solution available for secure electronic communication. In 2005 a project team was created with the task of evaluating the possibilities of secure electronic communication. The aim was to find a solution which provided confidential and forgery proof email communication coupled with high-availability and system reliability. The technology should be standards based, have low administration needs and should not require the users to install any client-side software. In addition, it should be possible for external communication partners to receive encrypted emails without any extra hard- or software.

Zertificon convinced with Flexibility and Simplicity

During the evaluation phase seven solutions were compared. These solutions were judged on various criteria to which Zertificon provided convincing solutions. Particularly noteworthy was the simple system administration, the flexible certificate management and the Z1 KickMail function for spontaneous encryption.

profile picture of Robert Spaltenstein with a white backgroundRobert Spaltenstein Allianz Suisse

Robert Spaltenstein, head of GroupWare at Allianz Suisse, explained the reasons for selecting Zertificon: “Z1 KickMail which does not require any key management by the recipient completely fulfilled the usability and security requirements. The clearly laid out administration interface and the good graphical representation of the email volumes are further advantages. In addition, a plus point is the technical support from both the solution partner company Advantix, and the software developer Zertificon.”

Customization and Launch

The test phase ran from March 2006 until June the same year when the system entered productive use. The complete launch took only 6 months. Three employees and two consultants from Advantix Groupware AG were involved in the project. With long term experience of the Lotus Domino Groupware platform Advantix – a Zertificon certified partner and security specialist – proved to be the ideal partner for the implementation. The standard solution had to be adapted in certain areas for Allianz Suisse to support the multilingualism that exists in Switzerland. The login page was modified so that it could be integrated into the Allianz portal (corporate design). “The solution, which was introduced, was positively received throughout, especially as no extra effort on the part of the employees is required. Apart from a short presentation, no training was required. The solution was immediately ready for use and the administration required is kept to a minimum”, summed up Dr. Beat Schütz, managing director and responsible project leader at Advantix.

Flexible Gateway Deployment

The complete deployment covered three redundant Z1 SecureMail Gateways as well as three redundant Z1 SecureMail Messengers for password based email encryption – each running on a Z1 Appliance SMA 1000. Now confidential information is exchanged by email instead of by post or fax. Z1 SecureMail Gateway operates as an SMTP Proxy that automatically encrypts, decrypts and signs emails, whilst also checking the validity of signatures. The solution allows virus scanners and spam filters access to all email traffic. Thanks to a flexible certificate management system, it works with user, domain and group certificates. Z1 SecureMail Gateway fits seamlessly into the existing email infrastructure. It conforms to both the international email security standards, S/MIME and OpenPGP, and is compatible with all popular email programs. The solutions run on the Z1 Appliance, a complete solution combining system software and high-performance hardware with special Appliance functions. With the high-availability of the fail-over system, Allianz Suisse has experienced failure-free operation since the initial deployment.

Optimized work flow thanks to automated encryption

“The implementation of this central-based solution meant not only that our security policy could be maintained, but also that working procedures could be optimized and reaction times shortened. This is advantageous for employees and customers. Extensive security and messaging know-how from Zertificon and Advantix Groupware AG, Zertificon’s partner firm, proved to be highly valuable“, summed up Robert Spaltenstein from Allianz Suisse.

Allianz Suisse belongs to the Allianz Group, which is represented in over 70 countries by its companies and subsidiaries. As a part of this leading international finance service group Allianz Suisse offers its customers creative and professional solutions for the business areas insurance, pensions and asset management.

Allianz Suisse is represented in the Swiss market by 70 general agencies and numerous offices. Five regional claim centers handle claims from their catchment areas. Allianz Suisse administers an IT infrastructure for around 4,000 employees, based on the Groupware platform Lotus Domino.

Secure Email with Z1 SecureMail

The products from the Z1 SecureMail family provide an electronic solution for efficient and secure data transfer. A desktop solution for all 4,000 employees would only have been possible with massive effort. Therefore product variants with central external certificate management and automatic certificate acquisition were installed that relieve not just the administrators but also the Help Desk. Training for the user is minimal.

 Download Success Story (PDF)