Insurance & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Security

04:30 PM
Anthony O'Donnell
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

Embracing the Cloud -- But Only to a Point

Insurers are expanding their use of cloud-based offerings. But carriers are avoiding any cloud-related services that could jeopardize the security and privacy of sensitive data.

Cloud computing and its related shared-computing models -- software as a service (SaaS) and platform as a service (PaaS) -- present a welcome opportunity for insurers to carve out new efficiencies, and carriers have begun to avail themselves of these opportunities. But while insurance CIOs are warming to a variety of cloud, SaaS and PaaS offerings, concerns about the privacy and security of sensitive customer data have made insurers cautious about when and where they adopt them.

"Recent headlines about major data breaches have by no means allayed insurers' anxieties around client data confidentiality," notes Clark Troy, research director, Aite Group (Boston). "Nonetheless, vendors of SaaS online application, new business and underwriting, and claims solutions continue to tack up wins -- just not in the same volumes one sees in other industries."

Due to the sensitivity of insurance data, the relatively slow adoption of cloud-related solutions in the industry is not likely to change, suggests Rick Roy, CIO of Madison, Wis.-based CUNA Mutual Group ($2.83 billion in 2010 revenue). "We are hearing more about how insurers are adopting SaaS solutions outside their core systems of policy admin, claims and financials," Roy says. CUNA Mutual uses Salesforce.com for sales force automation and Learn.com for training, and the carrier is converting its human resources platform this year from Oracle's (Redwood Shores, Calif.) PeopleSoft to Workday (Pleasanton, Calif.), he adds.

But Roy acknowledges the potential drawbacks related to the security, performance and availability of cloud offerings. "Security for non-public, private information remains a huge concern for insurers, as it is a business issue that spans beyond just a technology issue," he elaborates. "And outages like the recent Amazon web services incident have also renewed industry concerns around availability and performance of cloud."

These concerns, and the "risk-averse culture" of insurance, tend to limit insurance adoption of cloud-related technologies to non-core IT functions, opines Steve Byrne, VP of agency and field automation technology and acting CTO of Harleysville Insurance (Harleysville, Pa.; $1.1 billion in 2010 net written premium). "We haven't seen much adoption of SaaS or cloud infrastructure for core systems, such as policy administration and claims," he says.

Nonetheless, the cloud does offer insurers efficiency opportunities, including in software development and testing, Byrne stresses. "To buy the hardware for [test] environments is extremely expensive, and they will sit idle most of the time anyway," he explains. "The virtualization and grid-like capabilities of cloud allow you to quickly provision the needed resources -- including platform, database, operating systems and applications -- required to support developing and testing activities."

Byrne adds, "The beauty of it is that it's vapor -- you push a button and it's there, and the second you've completed your activity, you tear it down."

Other potential uses of cloud technology in insurance include functions like monthly analytical scoring, for which computing capabilities can be accessed for only 12 days of the year without having to pay for idle infrastructure during the other 353 days, Byrne says, adding that similar advantages would prevail for an insurer exploring a new business venture. "Often, in the past, IT would be faced with acquiring and building out infrastructure to support a new venture. If the venture didn't result in success, you'd be stuck with unneeded infrastructure," he comments.

Among the cloud-related opportunities that Harleysville is considering is business continuity/disaster recovery, Byrne adds. "By using the cloud, the traditional model for DR is a thing of the past. Instead of reserving physical space and hardware that sit idle year round and generate additional costs, the cloud allows you to only pay for what you use, when you use it," he says. "The potential savings here can be dramatic."

Core Possibilities

Byrne acknowledges an opportunity to run core systems in a cloud, but he says he needs to address data leaving Harleysville's physical environment. "Until we cut our teeth on how to apply cloud to non-critical applications, I'm not comfortable using it for mission-critical applications," he says.

Pawtucket, R.I.-based Narragansett Bay Insurance Co. (NBIC; $62 million in annual premium) owes some of its comfort with the cloud to the fact that its systems are web-based and, as a result, location-agnostic, according to CIO Mike Anselmo. NBIC runs three private cloud/SaaS installations for its in-house-built agent portal; its BlueWave (Honolulu) claims system; and its Exigen (San Francisco) policy, billing and document management system.

"Nothing in our building is core," Anselmo relates. "All of our revenue-producing systems are in one of our three private clouds, with redundant networks, security, disaster recover and fail-over built in."

Anthony O'Donnell has covered technology in the insurance industry since 2000, when he joined the editorial staff of Insurance & Technology. As an editor and reporter for I&T and the InformationWeek Financial Services of TechWeb he has written on all areas of information ... View Full Bio

Register for Insurance & Technology Newsletters
Slideshows
More Slideshows
Video
All Videos