Visana is one of Switzerland's leading health and accident insurers. The company offers its customers a range of products, including convenient online services with the emphasis being on security.
As a customer-oriented insurance company, the Visana Group provides its customers with a range of convenient services via a web interface. Visana developed the server internally for its myVisana portal and has continuously adapted it to its own needs. The architecture has proven itself over the years, but there was a lack of flexibility with regard to future authentication requirements. The IT department gave considerable thought to the infrastructure, while at the same time the strategic decision was made to significantly expand the B2C channel from a business perspective. The IT specialists thus decided to implement an enhanced customer authentication infrastructure.
Security is a crucial factor here – and that's why Visana relies on the Airlock Secure Access Hub to ensure maximum protection against unauthorized access by third parties.
Web applications generally require comprehensive protection as they may otherwise be targeted by external attackers. Visana had already switched its core application to SOA, with Web services, several years ago. This raised the question of the appropriate security strategy. Martin Burri, who is responsible for IT security within the Visana group, explains:
A web portal is very exposed, and must be specially secured in every case. It was, therefore, clear to us that we wanted to protect the web applications as comprehensively as possible against unauthorised access by using upstream security functions in a Web Application Firewall (WAF).