Established in 1991, China Pacific Insurance Co., Ltd. (CPIC) is one of the largest insurance companies in China, with investment asset size of RMB366 billion. At present, it has 5,700 subsidiaries and branches, over 67,000 staff and 270,000 salespersons serving 47 million individual clients and 2.85 million corporate clients in China. Its business scope covers risk protection services including life and property insurance as well as wealth management and asset management services.
Located in Cao He Jing Development Zone of Shanghai, CPIC Shanghai Information Center is a vast technology park primarily hosting IT companies. As the leader of insurance and financial industry, China Pacific Insurance is very demanding on the security of the information centre. Any security loopholes may cause considerable losses; thus, highly secure and stable physical access solutions are needed.
The access control system effectively controls the entrance and exit of staff and visitors as well as access rights of internal areas
Network monitoring for secure login
HID Global has applied superb secure identity solutions on the information centre including full-functionality VertX network access solutions and the highly secured iCLASS card reader series. The overall system has tightened the control of entry points and enabled network monitoring for secure login.
It effectively controls the entrance and exit of staff and visitors as well as access rights of internal areas, such that when anyone enters the premises, not only can the administrator immediately obtain visitor’s personal information, but also set up his/her access rights to use the network facilities of the building or grant permission to access next premises. Such access level settings can fully safeguard the information centre.
Stringent security measures
As the key facilities of China Pacific Insurance Co., Ltd., Shanghai Information Center took up the responsibilities of managing, developing and maintaining the security of financial data; therefore, it imposed stringent security requirements.
- The system should apply stringent security management measures, and tight access control over every entrance. At the same time, the system should enable access levels settings so as to restrict the use and login authority of different management systems including access control, POS system (Point-of-Sales) and elevator control for respective staff.
- Reputable brand with track records in the financial industry is required. The products should apply leading technologies with internationally recognised security certifications
- Scalable network system for future upgrades
- Comprehensive local support to address all issues in a timely and prompt fashion
The systems leveraged contactless smart cards and biotechnological identification technology to verify the identity of any incoming visitors and staffiCLASS readers’ encryption technology
The solutions included card issuance, physical access management, time/attendance management, elevator management and cashless payment systems. The systems leveraged contactless smart cards and biotechnological identification technology to verify the identity of any incoming visitors and staff.
Four iCLASS RW400 reader/writers were installed in the security and fire control centre for card issuance and setting access levels. At the same time, a Fargo HDP5000 card printer/encoder was used for printing colourful staff ID cards. The printer supported several encoding modules including holographic laminates which deferred counterfeiting and provided greater security.
The data centre has employed iCLASS R40 card readers at the entry points of the premises and passages, conference rooms, facilities zones and mechanical rooms, ECC main control centre and the emergency exits of each floor. The security level has strengthened through the readers’ encryption and mutual authentication technology.
Central access management
All subsystems were connected to the TCP/IP protocol of VertX network controller for central access management and report generation. The system was made up of two communication channels: the primary channel connected the server, host PC, and VertX V1000 network controller via a designated TCP/IP protocol for higher volume data transmission and faster connection speed.
iCLASS RWKLB550 13.56 MHZ contactless smart card readers were connected with the control room via a VertX V100 controller to perform time/attendance functions
The secondary communication channel was composed of the V1000 network controller, reader interfaces, time/attendance controllers, and elevator controllers to handle small amount data transmission. The three devices communicated with V1000 via a RS485 connection. iCLASS RWKLB550 13.56 MHZ contactless smart card readers were connected with the control room via a VertX V100 controller to perform time/attendance functions.
Reducing risks of data theft
iCLASS RWKLB550 enabled highly secured 64-bit variable key encryption for mutual authentication and reduced risks of data theft and clone cards. It is suitable for organisations with demanding security requirements and a large number of staff like CPIC.
To heighten the security level of the information centre, the data centre was equipped with the elevator control system. An iCLASS R40 card readers were connected with the host PC via VertX V100 controller such that only authorised persons can use the elevator by activating elevator floor call buttons. The network structure not only ensured system stability, but also successfully achieved stringent access control and safeguarded the premises.
The security has been further enhanced through the iCLASS card readers’ dual security identification technology"Dual security identification technology
The property has been managed by the service centre of CPIC – Information Center (Shanghai) upon completion. Mr. Tan, management officer of the service centre commented on the project, “This project faced a number of implementation difficulties which required a system with robust technology to address the issues. Since the property would handle essential financial data of China Pacific Insurance, the security requirements were very demanding with complicated access levels setup. HID Global is a trustworthy brand in providing superb secure identity solutions. Therefore, we have employed the IP-based HID VertX controllers to perform all-rounded access management for CPIC.
“Also, the security has been further enhanced through the iCLASS card readers’ dual security identification technology. Lastly, the system was very flexible with good scalability for future upgrade. During the installation, HID Global has promptly responded to our requests and provided quality support to achieve a satisfying result.”