Return of the Guru

Cybercrooks Follow Money and Trends to Mobile Apps

Ara Trembly
Insurance Experts' Forum, June 2, 2011

We’ve said a lot in this blog about insurers migrating to social media initiatives and the security dangers posed thereby, but another technology trend appears to be taking hold in our industry, and those who want to steal and destroy are not unaware of it. 

A recent Computerworld report notes that for the second time in three months, Google has canceled dozens of malware-infected Smartphone apps from the Android Market. 

As in the March episode, when Google removed more than 50 apps, the newest round consisted of pirated legitimate programs that had been modified with malicious code and then re-released to the Android Market under false names.

Once again, we see that crooks can be instantly reactive when it comes to spotting trends—and vulnerabilities—that will work to their nefarious advantage.  The very real fear among legitimate businesses is that infected apps could be used to seize control of Smartphones, tablets or other computing devices, and that such control—and damage—could be extended to the network itself.  In a network that allows connectivity to such devices, this could trigger catastrophic developments, as criminals think of new and less detectable ways to hijack systems and accounts for their illicit gain. 

This news comes at an interesting time for the insurance industry.  At the recent ACORD LOMA Insurance Systems Forum in San Diego, it was not hard to see that quite a few at the conference were sporting some form of tablet computer, while even more had Smartphones of one kind or another.  Everyone likes the portability and convenience of these devices, yet few seem to realize that data security for portable devices is still very bad.  I have no doubt that there is a groundswell of pressure on insurance IT folks to integrate a variety of devices into the corporate network for the convenience of employees, and for certain workers, especially those in claims adjusting, this makes sense. 

In a way, today’s insurance IT executive who is weighing the options on portable connectivity is like a baseball umpire.  He or she has to ignore the chants and cheers and boos of the crowd and make the right call in spite of all the clatter.  If you are an insurance IT person charged with this kind of responsibility, I do not envy you.  My first and most important suggestion is that you get buy-in for whatever you want to do from the highest levels—and get it in writing.  If a significant breach occurs via some connected tablet, Internet phone or other portable device, you want at least to be able to say that you didn’t allow the access all on your own. 

Finally, like that umpire, be ready to be called blind, ignorant and maybe even a “bum,” when your policy doesn’t meet with someone’s approval.  It comes with the territory, but that doesn’t mean you have to like it.  Be prepared. 

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

 

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

To Quantify or Not — That is the Question with Modernization

Making the quantitative case is a long-practiced ritual in many insurance organizations.

3 Reasons DevOps Matters

Every insurer needs to compete on products and information turned around in light-speed fashion.

Coordinate Coverages to Manage Social Media Exposures

The bottom line is that no one policy will cover all the exposures in the social media realm.

The Internet of Things: Helping Insurers Make Better-Informed Decisions about Risk

The IoT is a major game changer for the insurance industry, and will likely affect every part of the insurance value chain. After all, insurance is data-driven, and that’s exactly what the IoT can deliver—relevant, actionable, real-time data that can provide an accurate picture of what is being—or may be—insured.

Software-Defined Everything

What does it take to virtualize all the key components in your data center?

On Thanking the Regulator … Really

The Financial Conduct Authority is demanding higher standards of consumer protection from insurers, which could lead to greater customer engagement and understanding.

Advertisement

Advertisement