Cross Identity

Official Blog

IRDAI Compliance with CI

IRDAI Compliance with CI

Noncompliance with IRDAI’s latest mandates could result in hefty fines or worse. CI from Cross Identity, an Indian IAM company with over 20 years of service and product experience, is your best bet.

CI includes all features needed to comply with IRDAI’s IAM-related mandates. It is also friendly to the budgets of the small, medium, and large Indian insurance companies and brokerage houses. This is because it is the world’s first and only pay-per-use IAM product.

Below are some IRDAI mandates that CI can enable you to comply with:

  1. All users shall be authenticated at a minimum by using User IDs and passwords before they can gain access to target systems to prevent unauthorized access to the Organization’s information assets. CI acts as the centralized authentication gateway (Identity/Authentication Provider) for users’ access. When a user is trying to access any application, CI forces them to perform authentication (with a password or Passwordless , based on authentication policies) and only then gives access to the application.
  2. Limit access in line with access policies set by owners of business applications and systems. CI offers a Least Privilege Access policy through its Role-Based Access Control (RBAC) framework. The product supports business/organization roles through which business owners can restrict users’ access to applications and systems by defining access policies for each of these roles.
  3. Access shall be timely revoked when users exit the organization. In CI, the Users’ access to various applications and systems will be terminated immediately and automatically when users are suspended or terminated.
  4. Generic User-Ids/Service IDs shall be avoided and where no alternative exists, they shall be controlled and authorized by the Business/Asset Owner to avoid misuse and compromise of user accountability. CI enables organizations to manage generic user IDs and service IDs. Once aggregated/reconciled, the access information from the target application and systems can be assigned these types of access to User Identity. Also, through an Account Review process, organizations can ensure that this access is in line with the business requirements.

Remote access to the organization’s infrastructure shall be highly restricted and controlled to prevent unauthorized access to the organization’s infrastructure from untrusted networks. This mandate is solved with an advanced IAM feature called Adaptive Authentication. Remote access can be restricted through Step-up Authentication. CI is proud to say we offer this feature.

You must typically buy multiple IAM products to comply with all these IRDAI mandates. IAM vendors sell either Access Management, Identity Governance, or Identity Administration products. But CI is the world’s foremost Converged IAM product. Such technology includes Access Management, Identity Governance, and Identity Administration in one product. It is built on a single codebase for efficiency and presented as a unified dashboard for easy management by users and administrators.

CI has been hailed by important analysts as the Converged IAM leader today. It is featured in Gartner’s Magic Quadrant, KuppingerCole’s Leadership Compass, and Frost & Sullivan’s FROST RADAR.

To learn more, Download the CI and IRDAI Compliance document.

Stay tuned for more blogs from Cross Identity which will inform you further on how CI enables you to comply with the latest IRDAI mandates.

Related Posts