Blog

6 Ways to Reduce the Risks of Cloud Computing

Joe McKendrick
Insurance Experts' Forum, April 19, 2010

Let's face it, the insurance industry is all about risk, and the management thereof. Companies in this sector have a very high intolerance level for risky business—it's hardwired into their DNA. That's why, when cloud computing comes up in conversations, security and overall reliability pop up very quickly as concerns and, more often than not, are showstoppers.

I put this concern out to Bill Jefferis of Evolve IP, and Jon Gatrell of Stonebranch/Scribbos—two people immersed in the cloud business—and got some words of advice for insurance-sector executives looking to explore the cloud realm.

•    Start slow and incrementally: “If an insurance organization is concerned about the possible risks, the best bet is to start out slow,” says Jefferis. “If you’re hesitant to jump right into infrastructure-as-a-service or communications-as-a-service, start by piloting a technology or application that is low-risk, and confined to one department of your organization.”

•    Establish best practices policies from the start: “As with any new technology, setting down some guidelines, usage policies and best practices will help mitigate risk, and ensure you get the most out of cloud-based services,” Jefferis says.

•    Make sure your cloud vendor follows best practices and policies: “If the provider offers the ability to track, monitor and control proprietary and confidential information inside and outside of normal business processes, risk is mitigated,” says Gatrell. Among those best practices are rich auditing, encryption and policy management options, he adds. “Claims, health care information and process exceptions require information that may not be easily automated due to the nature of the process and existing tools just won’t work.”

•    Learn from other industries: “The risks, and for that matter, the benefits of cloud-computing services are no greater for insurance companies than they are for companies in related industries, such as health care and financial services,” Jefferis points out. “We have customers in each of these areas successfully utilizing hosted applications and technologies.”

•    Control who can access the cloud offering: An added level of security comes from “the ability to limit access to users and groups,” Gatrell says.

•    Provide ongoing employee training and education in security practices: “Often, it is the employees—not the technology—that exposes an organization to risk,” Jefferis says. “A major component of reducing this risk is educating and training employees on proper use of the cloud, and establishing policies and procedures for who at the insurance organization has access to the data."

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology.

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

The Peer-to-Peer Economy and the Uberization of Insurance

Insurance is about risk sharing, so what better model to bring in technology and make that risk sharing as efficient and effective as possible?

Rethinking Commercial Lines Underwriting Automation

The value an insurer can achieve from the powerful combination of a modern policy system and a complete suite of advanced underwriting solutions will far outweigh any effort involved.

Students are Pushed to Look Past Obstacles, and so Should We

Student teams, in the space of a few weeks, developed a variety of fresh ideas leveraging unique technologies that could help build products and services for insurance customers.

The Best Policy Administration System I Have Ever Seen

So many systems we view look like they screens were designed by a programmer and, worse, could only be used by a programmer.

Living with the Internet of Things (and crowd funding)

The Internet of Things has itís teething problems.

6 Technology Priorities for Individual Life Carriers

While many aging, generally mainframe-based systems, remain capable of supporting basic policy processing and accounting functions, the costs associated with enhancing them are becoming increasingly problematic.