Return of the Guru

A New Hope for Cloud Security

Ara Trembly
Insurance Experts' Forum, December 21, 2011

As the data storage challenge continues to grow for insurers and everyone else, one of the obvious solutions is cloud technology. Storing data on remote servers rather than in-house is definitely a money-saver, but in insurance circles, the worry has been that having critical data reside outside the physical and virtual walls of the insurance enterprise is a risky situation.

Some good news has emerged on that front recently, however. According to ScienceDaily, research carried out at the Weizmann Institute and MIT may soon make it possible to work on data while it is still encrypted, giving an encrypted result that can be securely deciphered.

Our industry makes its living by performing computations on data in order to determine risks and set pricing, among other things, but until recently it was unclear how we could do such calculation on data stored in "the cloud" without letting anyone else see our information. “Attempting computation on sensitive data stored on shared servers leaves that data exposed in ways that traditional encryption techniques can't protect against,” the article notes. “The main problem is that to manipulate the data, it has to be decoded first.”

Now a new method, called fully homomorphic encryption (FHE), offers a realistic hope that such calculations can be performed securely in the cloud. While this process was extremely time-consuming and unwieldy when first discovered in 2009, newer developments have greatly increased speed, says ScienceDaily. “Optimized versions of the new system could be hundreds -- or even thousands -- of times faster than [the] original construction.”

This technology has now reached the point where computer engineers can begin to work on applications, says the article. These could easily include securing multiple forms of data normally manipulated by insurer systems. IT would even allow an authorized third party to work with encrypted insurer data, for example.

Obviously this technology has yet to see the light of day in applications, but look for that to happen over the next several years, as data storage and market pressures converge to push insurers inexorably to the cloud. Progress won’t be rapid, but it should be steady.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

The Other Auto Insurance Telematics Shoe Drops

Progressive's decision to charge Snapshot drivers more if their driving data indicates higher risk has started the industry down a road of data-driven adverse selection.

Core Transformation – Configuring in the Rain

The whole point of core transformation is that changes at the micro level can be used as a stimulus for changes at the macro level.

6 Ways to Develop a Productive IT-Business Dialog

Relationship management 101 for keeping IT and business on the same page.

Unified Digital Strategy: Succeeding in the Digital Revolution

A unified digital strategy recognizes that all business strategies and technologies touch the customer in some way and that a one-size-fits-all channel model is obsolete.

Agile and Continuous Delivery in a Regulated Environment

Just because a development team is doing continuous delivery or packaging releases into two-week sprints doesn’t mean that code is being moved to production.

Dealing with the COBOL Brain Drain

Documentation on aging systems often is akin to tribal knowledge, and the potential for things to go bump in the night increases as these environments face generational transition.