NN Group: Security according to the highest compliance requirements

NN group

Nsecure provides the total security chain for all NN Group offices in the Netherlands and Belgium

What started in 2005 with a tender for access control has now grown into a close partnership. Nsecure installs, maintains and operates most hardware systems and software platforms in the field of physical security for the Dutch and Belgian offices of Nationale-Nederlanden. The choice is self-evident for the insurer and asset manager: “Nsecure is one of the few security companies that can meet the highest compliance requirements imposed on the financial sector and always delivers on its promises.”

NN group

Director for security

The collaboration between Nsecure and NN Group, which has labels such as Nationale-Nederlanden, Movir, Ohra and NN Investment Partners, dates back to 2005. At that time, Nsecure won a tender for the supply and maintenance of the access control system. Over time, the services have been further expanded. Nsecure is now the main contractor of NN Group for, among other things, installation, maintenance, operation and advice regarding all the company's security systems in the Netherlands and Belgium. The many years of relationship with NN Group have created a partnership that involves intensive collaboration in the field of security.

Meeting the highest compliance requirements

The choice of Nsecure as a security partner is self-evident, explains portfolio manager hard services security facility management at NN Group Gerard Versluis: “The financial sector has high demands in the field of security. The Dutch Bank and the AFM require companies to cover every operational risk, from data leaks to packages that explode, and to take sufficient mitigating measures. This places very high demands on your IT environment, among other things. Nsecure is one of the few security companies that can keep up with our compliance level, but this is often too complex for other companies.” Regulations for the financial sector have tightened considerably in recent years. Does a company not comply with the rules or do not comply sufficiently or can it not demonstrate how risks are managed? This can lead to high fines and damage to your image. Nsecure is the market leader in the field of security within the financial sector and works for four of the five largest banks and a number of the largest insurers in the Netherlands. As a result, the company knows this playing field inside and out. Versluis: “We have been working with Nsecure for almost twenty years and therefore know that they meet the highest standards.”

Huge reservoirs with valuable data

Since 2012, Nsecure has been responsible for the implementation and operation of all physical security systems for the Dutch and Belgian offices of the NN Group. Nsecure also supplies the central software platforms, including workflow and identity management platform YIM for the card management process for employees and systems for access control and camera observation. “These systems are 'huge reservoirs with valuable data',” says Ton van Klei, safety & security sales manager for (mainly) the financial sector at Nsecure: “NN Group can extract compliance-related information from them. For example, they can demonstrate that only authorized persons have entered specific areas, making them demonstrably in control. But they can also extract completely different forms of information from it. Consider the occupancy rates of buildings for real estate management.”

Jointly developed security model

Nsecure has developed a model together with NN Group that translates the insurer's security policy into the application of security components such as cameras, intercoms, intrusion detection and access control in its buildings. Thanks to the model, project managers can easily implement security measures, identify deviations and mitigate risks. Van Klei: “Each room has a different risk profile, for example rooms where the ICT network components are installed and the room where the Board of Directors meets. The model describes which measures apply to sufficiently mitigate various risks. On this basis, protective measures are implemented, such as access based on the four-eye principle with camera observation as support. Of course, associated safety aspects such as escape routes are always taken into account. This goes beyond the component level, where IT security is also taken into account.” Co-developing policy is in line with Security as a Service, the total service with which Nsecure can take over the entire access and security policy at companies, both in terms of personnel and technology.

Card Management as a Service

NN Group has been using Nsecure's workflow and identity management solution YIM since January 2021 to request, send and activate access passes for employees. The entire process is designed based on a self-service idea. The employee only needs to upload a passport photo and choose a pick-up location. The card production is then fully automated by Nsecure, until the employee receives a QR code with which the card can be collected and activated at the reception of the pick-up location. This offers NN Group much more flexibility, for example, it can easily be scaled up and down. Versluis: “If NN Group takes over a company with 500 employees today, a similar number of passes can be sent next week. Such an automated process also saves a lot of time.” There is also 100 percent continuity: access passes for access can be requested online 24/7, without an NN facility employee having to be available. Van Klei: “This is unique within the financial sector, normally access passes are provided in-house. Such systems, which are hosted in an external data center and linked to the corporate network, are subject to high compliance requirements by regulators. Such solutions must also be reported to the DNB, for example. After all, employees' private data must remain in safe hands and the insurer's network must be well protected from malicious persons.” This process of Card Management as a Service is running smoothly, Versluis notes with satisfaction: “The only point is that people still have to get used to the fact that they can do this themselves. Just as people once had to get used to the disappearance of bank branches, with the result that they had to arrange their banking affairs online themselves.”

Three pillars for security

The collaboration of almost two decades has resulted in an increasingly closer understanding. Van Klei: “Our people have, as it were, become employees of NN: they are fully integrated. That is quite special, because there are obviously strict requirements attached to it.” Versluis: “The guy makes the tent. We have indeed truly become colleagues, we always know where to find each other quickly.” The three pillars of the collaboration are aimed at unburdening (especially with regard to complex matters), 24/7 continuity in the field of security and knowledge of the playing field of financial institutions. What Versluis particularly praises about Nsecure is its reliability: “Nsecure always delivers what it promises. That is not the case with every company. When concluding a contract, trees at other companies grow to the sky, but after a year and a half it turns out to be disappointing. However, Nsecure always keeps promises.”

A future with biometric access control

NN Group and Nsecure have bright plans for the future, with the insurer increasingly focusing on its core tasks and Nsecure taking care of issues in the field of security, safety and hospitality. For example, YIM is being expanded with options to register visitors in advance and request authorizations for special areas. By the end of 2021, all buildings in the Netherlands and Belgium must also comply with the security policy established by the NN Group. A major step that NN wants to take with Nsecure is biometric access control. Versluis: “We have now created a test environment with which we are investigating how biometrics can be used for better physical security and a building with a more cheerful appearance. The starting point is the hospitality idea: you have access everywhere, unless biometrics deems that you are not allowed to enter. We are on the eve of a major biometrics adoption and we are confident that Nsecure can implement this seamlessly.”

Logo Unica acces & security international   diap RGB

Unica Access & Security

Access control, burglary, intercom and camera observation in one central environment.

Unica Acces & Security

Lübeck 1, 2993 LM Barendrecht