Enterprising Developments

2 Measures that Should be Part of Every Data Security Effort

Joe McKendrick
Insurance Experts' Forum, July 30, 2010

Companies are spending millions to make sure their data is iron-clad safe—from multiple layers of security to network security to SQL protection to encryption to password protection. PCs get locked down, and remote kill switches are built into mobile devices and laptops.

These measures are fine, but there are two steps every insurance company should consider as part of any data protection plan. They should maintain one central, secure master copy of their information, and employ “data masking” to make the data meaningless to any malicious user.

That's the view of Mike Logan, president of Axis Technology, a provider of enterprise IT consulting and data security, on the issues around data management, who recently shared his thoughts with me on data management and security practices within the insurance industry.

Logan is bullish on the emerging best practice of master data management, which he considers to be “a very effective way to go because when you address everything there, particularly both organization and security, you set the stage for success for any upcoming uses.” He went down a list of areas where MDM will pave the way, including outsourcing, virtualization and remote access.

“Protect data assets at the source,” he admonishes. “If an insurance company wants to protect itself for the long term, safeguarding everything at the company's core is the best investment a business can make, followed by laying other tools on top.”

Logan observes that many of his company's insurance clients are now securing their database information with a process known as “data masking.” This process “removes confidential data elements and replaces them with usable, fictitious data,” he explains. “If someone hacks into a company via malicious links in e-mail, lifts data from a person’s account, or mishandles data in an outsource or networking situation, the masked data is useless to a thief because it is out of context with no way to utilize it outside of the environment.”

The threat isn't just outside thieves or hackers; production data is often sent to other parts of the enterprise, such as development shops, where it can fall outside of the control of security teams.

Encryption doesn't quite go as far as data masking in protecting data, Logan says. “Unlike masked data, encrypted information is merely a puzzle that takes a little time to decode. Also, if masked data is misplaced or stolen, it does not need to be reported, unlike encrypted data.”

By safeguarding information at the source, “insurance companies are eliminating their theft risks, saving them millions of dollars both in security measures and losses,” he says.

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology.

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Wearables Poised to Reshape Insurer-Insured Relationship

Boosted by the impending release of the Apple Watch, wearable devices have received a fair amount of attention recently – and with good reason. This emergent technology has the potential to alter the way the health insurance industry operates on a fundamental level.

Core Transformation – The Ultimate Balancing Act

The core transformation journey requires companies to shift from reactive to proactive business models, incorporating maturing and emerging technologies, customizing and personalizing products, and accelerating speed to market while providing improved customer service.

Despite Valiant Efforts, Insurers' Consumer Ratings Drop

Insurers also are confronting waves of disruptive changes, including big data analytics, an aging population, ongoing economic uncertainty and the growing frequency and severity of natural disasters, which threaten to challenge and undermine businesses.

Why You Can't Take a Wrecking Ball to Your Legacy System

If you think of enterprises like collections of neighborhoods that need to be nurtured, you quickly see that architecture, not obliteration, is the key.

The Apple Bounce: Are Wearables Truly this Big?

I just don’t believe it; only 720,000 Androidwear watches were sold in 2014. Apple has been amazingly successful in so many markets. Were they always first? No, a lot of products before. Were they always best? Again, no, superior devices have fallen.

Ten Stats About Social, Mobile, Analytics, Big Data, Cloud and Digital

Deployment rates have grown in the year since Novarica’s last study on these topics.