NN Group: Security Meeting the Highest Compliance Standards

What began in 2005 with a tender for access control has evolved into a robust partnership. Today, Nsecure installs, maintains, and operates most of the physical security hardware systems and software platforms for NN Group’s offices in the Netherlands and Belgium. The choice for Nsecure is clear for the insurer and asset manager:
“Nsecure is one of the few security companies that meets the highest compliance standards required in the financial sector and consistently delivers on its promises.”

Security Director

The collaboration between Nsecure and NN Group, encompassing brands such as Nationale-Nederlanden, Movir, Ohra, and NN Investment Partners, began in 2005 when Nsecure won the tender for delivering and maintaining the access control system. Over time, their services expanded significantly. Today, Nsecure acts as the main contractor for NN Group, providing installation, maintenance, operation, and consulting for all the company’s security systems in the Netherlands and Belgium.

This long-standing relationship has led to a partnership characterized by close collaboration on security matters.

Meeting the Highest Compliance Standards

Choosing Nsecure as a security partner was an easy decision, explains Gerard Versluis, Portfolio Manager Hard Services Security Facility Management at NN Group:

“The financial sector has stringent security requirements. The Dutch Central Bank (DNB) and the Authority for Financial Markets (AFM) require companies to mitigate every operational risk, from data breaches to explosive packages, and take sufficient preventative measures. These requirements place exceptionally high demands on the IT environment. Nsecure is one of the few security companies capable of meeting our compliance levels, which are often too complex for others.”

Tighter financial sector regulations in recent years mean failure to comply or demonstrate risk management can result in severe fines and reputational damage. As a market leader in financial sector security, Nsecure is deeply familiar with this landscape, working with four of the five largest banks and several major insurers in the Netherlands.

Versluis adds:
“Having worked with Nsecure for nearly 20 years, we know they meet the highest standards.”

Massive Data Reservoirs

Since 2012, Nsecure has been responsible for implementing and operating all physical security systems at NN Group’s offices in the Netherlands and Belgium. This includes central software platforms like the YIM workflow and identity management platform, used for card management, access control, and camera observation systems.

“These systems are massive reservoirs of valuable data,” says Ton van Klei, Sales Manager for Safety & Security in the financial sector at Nsecure.
“NN Group can extract compliance-related information, such as proving that only authorized personnel accessed specific areas. They can also derive other insights, such as building occupancy rates for real estate management.”

A Jointly Developed Security Model

Nsecure and NN Group have co-developed a model that translates the insurer’s security policies into practical applications of security components like cameras, intercoms, intrusion detection, and access control. This model simplifies the implementation of security measures, identifies deviations, and mitigates risks.

Van Klei explains:
“Each space has a different risk profile—consider areas housing IT network components or the boardroom. The model outlines measures to adequately mitigate risks for each type of space, such as implementing four-eyes access with camera observation as support. Safety aspects like emergency exits are always considered, and IT security is integrated into the process.”

This policy co-development aligns with Security as a Service, Nsecure’s comprehensive service offering that allows companies to outsource their entire access and security policies, covering both personnel and technology.

Card Management as a Service

Since January 2021, NN Group has used Nsecure’s YIM workflow and identity management solution for employee access card requests, distribution, and activation. The process is designed as a self-service model, where employees upload a photo and select a pick-up location. Nsecure automates the card production process, culminating in a QR code sent to the employee, allowing them to retrieve and activate their card at the designated location.

This approach offers NN Group significant flexibility. For instance, after acquiring a company with 500 employees, NN can issue access cards within a week. The automated process also ensures 24/7 continuity, allowing employees to request access cards online without needing facility staff on standby.

“This level of service is unique in the financial sector,” notes Van Klei.
“Normally, access cards are managed in-house. Systems hosted externally and integrated into corporate networks must meet strict compliance standards from regulators like DNB. These solutions must also ensure employee privacy and safeguard the insurer’s network from malicious actors.”

Versluis concludes:
“The process runs seamlessly. The only challenge is getting people used to the self-service approach—much like the initial adjustment to managing bank accounts online after physical branches disappeared.”

Three Pillars of Security

Nearly two decades of collaboration have forged a close relationship.
“Our people have essentially become part of NN,” says Van Klei.
“They’re fully integrated, which is remarkable given the strict requirements.”

Versluis agrees:
“The people make the difference. We’ve truly become colleagues, always finding each other quickly.”

The partnership’s three core pillars are:

1. Relieving complexity, especially with challenging issues.
2. 24/7 security continuity.
3. Deep expertise in the financial sector’s security landscape.

Versluis highlights Nsecure’s reliability:
“Nsecure always delivers on its promises. Many companies overpromise during contract negotiations, only to disappoint later. Nsecure, however, always follows through.”

A Future with Biometric Access Control

NN Group and Nsecure are planning for an exciting future. NN is focusing more on its core tasks while Nsecure handles security, safety, and hospitality challenges. YIM will soon include features for pre-registering visitors and requesting authorizations for restricted areas. By the end of 2024, all NN buildings in the Netherlands and Belgium will adhere to the group’s defined security policies.

One significant step ahead is biometric access control. Versluis shares:

“We’ve created a test environment to explore how biometrics can enhance physical security while giving our premises a more welcoming atmosphere. The idea is grounded in hospitality: access is granted unless biometrics indicate otherwise. We’re on the brink of widespread adoption, and we trust Nsecure to implement this seamlessly.”