Edmunds says making a property insured to value is a big issue for insurers. There are guaranteed replacement costs policies, and the properties are not necessarily insured to value, he says. They need to be insured to value for the customer so we can collect the proper premium on the proper value of the home.

HomesitePro creates valuations by gathering a few pieces of information about the home from an agent or homeowner. It then builds a virtual model of the home behind the scenes, using smart assumptions built into the program. The result is a component-based calculation that individually outlines rooms in the home and determines what materials and labor are needed to build each room. Instead of applying overall statistical factors, the program matches the current pricing for drywall, lumber, doors, etc., to the amount of material needed for each room and likewise for labor. Users can drill down to any level of detail they desire to change qualities, adjust component assumptions, or simply add more information.

Product: Sapiens eMerge
Company: Sapiens International Corp.
Web site: www.sapiens.com

Sapiens is expanding its eMerge policy ad-ministration system by broadening it from commercial lines to personal lines across multiple states and by Web-enabling the system. OneBeacon Insurance Group, a Massachusetts-based subsidiary of the White Mountains Insurance Group offering personal, commercial, and specialty lines, recently signed a contract to implement the improved solution.

Arne Herenstein, vice president application development services for OneBeacon, says eMerge is a very powerful tool for an insurance company. It is going to make our statistical people and our underwriters happy.

The solution provides in-surers with easier access to information through the use of personalized portals for the carriers independent agents. The open architecture allows OneBeacon to expand its market presence, enhance customer service, and streamline the business process, thus reducing costs. OneBeacon also will be able to respond to rate and product opportunities more quickly, according to Herenstein.

Sapiens past support of our IT needs gives us great confidence to move our legacy systems into a new open architecture to better serve independent agents and policyholders, says Mike Natan, OneBeacon CIO. The policy administration solution quickly will provide us with real business advantages in an increasingly demanding and cost-conscious marketplace.

The eMerge solution was originally built for commercial lines, and that will remain the foundation for the expansion into personal lines. The solution utilizes IBMs WebSphere and the eMerge rules-based technology. Its ability to operate on a variety of platforms is one of the key requirements, according to Herenstein. Being Web-enabled, business development can be pushed back to the business side of OneBeacon instead of the IT department. It is much faster, he says. It gives us the ability to do product configuration, and it gives us a much better view into the data.

Sapiens lists several benefits to eMerge, including fast time to market with a rules-based business system that eliminates procedural code. A central repository contains all application definitions, and any application element defined in the repository need only be changed once for all of its appearances in the application to be updated automatically.

eMerge has an enterprise-scale transaction engine capable of running heavy-duty transaction loads and supporting thousands of simultaneous users. Applications developed on one platform may be deployed on another without changes. It also features a globally oriented, multilingual deployment within one application, and a complete separation of data, logic, and presentation layers of an application, providing scalability and flexibility to the developer. The system has the support of Java, COM/COM+, and XML interoperability. It also has full integration of back-office legacy applications to the Web.

Shopping Cart

Product: Subrosource
Company: Trumbull Services, LLC
Web site: www.trumbull-services.com

Trumbull Services, LLC, has released a new version of Subrosource, its subrogation software formerly known as Matador. Trumbull is the Windsor, Conn.-based provider of outsourcing and technology services to the property/casualty insurance industry. The new version of Subrosource is Web-enabled, increasing productivity and functionality for its users. Workflow, strategies, and data can be accessed through a suite of account management tools to provide a total solution to the claims subrogation process. The product is being offered on an ASP basis, as a faster and more convenient service. Stephen Holcomb, president of Trumbull, believes Subrosource will assist P&C insurers in loss-recovery efforts. Subrogation is an area that has a significant financial impact on a companys results, he says. But it has been largely untapped from a technology perspective.

Product: SurveyWriter.com
Company: SurveyWriter
Web site: www.surveywriter.com

Insurance carriers looking for market feedback from potential or existing customers can turn to an online tool that allows them to measure customer attitudes and opinions regarding products and services. Survey-Writer.com allows insurers to create a questionnaire that allows the carrier to retain control of the look and feel of the survey. The survey is linked to the carriers Web site, and results are tabulated automatically with presentation-ready charts. There are no upfront costs, and SurveyWriter charges $1.25 per completed survey. Joel Friedman, CEO of SurveyWriter, says insurers are using the system to gauge customer satisfaction on claims. It can be used to measure attitudes of a market segment to individual companies or agents, he says.

Product: CertificatesNow
Company: ConfirmNet Corp.
Web site: www.confirmnet.com

The online insurance certificate service offered by ConfirmNet includes a new user interface in its latest release, Version 6.0 of the CertificatesNow product. Added features include a new homepage with icons rather than text instructions to move to commonly used features, a progress bar showing all the steps included in the task while highlighting the current step, simplified account management, and reduced steps and screens necessary to deliver certificates.

ConfirmNet has a suite of Web-based services for those managing certificates of insurance. In addition to CertificatesNow, it also offers Carrier Reporting, which allows carriers to audit and measure risks by accessing certificates that reference their organization.

Product: DataFlux
Company: DataFlux Corp.
Web site: www.dataflux.com

DataFlux Corp. has announced the release of Version 5.0 of its data-quality and data-integration tools known as dfPower Studio, Blue Fusion SDK, and dfIntelliServer. (Blue Fusion CS is the former name for dfIntelliServer.) The company re-engineered its product set to give users a completely integrated offering of products to enhance integration of any type of data. Among the functions enhanced by the new version are customer relationship management, supply chain management, business intelligence, data mining, and data warehousing.

Features of the new version include automatic language recognition, intuitive GUI for business-rules editing and customization, and the ability to handle international data in a single pass. Intelligent data integration is all about providing a single, accurate, consolidated view of an organizations data, says Tony Fisher, president and CEO of DataFlux.

Special Report: Security in the Age of Cyberterrorism
by Ara C. Trembly

Security Woes Go from Bad to Worse

While insurers work on adopting data security measures mandated by federal legislation, the threat of security breaches is increasing at an alarming rate, a panel of experts warned the audience at Fall Comdex 2002, the annual technology exposition for the computer industry. Just how bad is it? Its pretty bad, said Andrew L. Briney, editor-in-chief of Information Security magazine and moderator of the panel discussion. Briney cited figures showing security vulnerabilities have risen by 124 percent over the past two years. Actual virus infections increased by 15 percent from 2000 to 2001, while some 200 new viruses are seen each month, he added.

He pointed out the Melissa Virus in four days caused some $400 million in corporate losses worldwide, and in just five hours, the Love Letter Virus racked up losses between $8 billion and $15 billion. The Code Red Virus, meanwhile, brought down some 520,000 servers and caused $2.6 billion in losses, he said.

Gene Hodges, president of Network Associates Inc., based in Santa Clara, Calif., believes three things one can be sure of are death, taxes, and escalating attack rates. He also noted there has been a strong trend toward targeted cyber attacks that demand a higher skill level.

One problem the panelists pointed to in defending against outside attacks is the high number of security patches software manufacturers send to their customers. According to Bruce Schneier, founder and chief technology officer of Counterpane Systems, based in Minneapolis, there are 20 to 30 security patches per major product per week. Most companies dont have the time and resources to keep up with installing the patches, and some patches require system shutdowns. The notion we can find stuff and fix it has failed, said Schneier. We need to move to the philosophy that we will never make our networks safe. As a scientist, I can tell you we have no clue how to write secure code.

He added all software bugs that be-come security vulnerabilities are mistakes. The reason software isnt secure is because the companies producing it dont care, Schneier asserted, eliciting spirited applause from the audience. Microsoft and other software producers, he explained, are judged by the speed of product releases, he added. If Firestone produces a tire with a systematic flaw, they get sued. When Microsoft [produces a flawed product], they dont.

Every software vendor here could do a better job of protection, Hodges agreed.

Best Bet: Minimize Risk

The challenge is the attacks are more and more sophisticated. The best you can do is try to minimize your risk, according to John Weinschenk, vice president of the Enterprise Services Group for VeriSign Inc. in Mountain View, Calif. He recommended companies formulate specific risk-management plans to deal with the possible consequences of cyber attacks. Briney also pointed out security concerns are the number-one barrier to the deployment of wireless [technologies].

The threat is serious, agreed Dan MacDonald, vice president of Internet communications for Nokia in Tokyo. Corporations, he said, need to be aware wireless networks could be dangerous to their corporations. The solution, he said, is strong authentication and encryption. That is best practice these days, he observed. Schneier characterized wireless communications as being robustly insecure. He added, The people who designed the [wireless] protocol did a horrible job on security.

Rogue Risk

The panel pointed to a widespread trend of individuals bringing their own wireless devices to work and linking into their corporate networks. Among such rogue wireless users (those whose links are not set up by the companys IT department), most are vulnerable to attack, the panelists agreed.

Briney also noted 48 percent of European companies in his research have said security worries keep them from adopting Web services. Schneier, however, disagreed such worries will slow Web services growth. The key to Web services is making a profit, he explained. Web services will be deployed with not-good security, with half-[hearted] security. If you can make more money than you lose, youll do it. Security is a nice thing to have, but when youre making money, get that thing out of the way.

When it comes to spending on security, Weinschenk said regulated markets (such as insurance and financial services) are spending money on it, because they have to. Briney noted IT spending devoted to security is showing a 21 percent compound annual growth rate among all companies, but Schneier argued, The average company spends more on coffee than on security.

New Security Technology Products Abound

While news of real or perceived cyberterrorism threats continues to fill the media, technology vendors have been scrambling to market new products designed to help companies reduce or neutralize threats to their businesses.

The insurance and financial services industries in particular deal with huge volumes of sensitive data, including personal health and financial information. Data protection standards mandated by federal legislation, along with consumer cries for privacy and security, have made this a hot issue in the technology arena.

The productsincluding firewalls, intrusion detection software, and hardware deviceswere introduced at Comdex.

Westinghouse Electric Company (a business unit of British Nuclear Fuels), announced the release of version 3.05 of its StatePointPlus software suite. According to Monroeville, Pa.-based Westinghouse, the software provides organizations with a workable, scalable, and continuous protective strategy for pinpointing and rectifying unauthorized alterations in systems and data across the enterprisebefore, during, and after security breaches.

Westinghouse said the technology also detects and eradicates sneaky threats, such as Trojan horses and worms.

StatePointPlus delivers control over network and security systems, said Westinghouse. It reduces operational costs and mitigates business risks, while providing security at no additional cost.

From a central console, systems administrators and security administrators can remotely control the attributes of every software object in every computer on a network, the company stated. The software continuously diagnoses systems and enforces baseline parameters set by the administrators. By managing computers at this level, IT organizations can cut support costs and production losses while simultaneously speeding change to strategically needed technologies, Westinghouse added.

StatePointPlus 3.05 is currently available for Microsoft Windows 2000, NT, and XP environments. The new version also makes these capabilities available for the first time to users on Solaris operating systems, the company said.

Pricing information was not provided. Further details are available at www. StatePointPlus.com.

Zone Labs, Inc., announced a major upgrade to Zone Labs Integrity, software designed to protect PCs and data in networked environments.

Integrity 2.0 hardens organizations defenses against hackers, Trojan horses, and targeted attacks with its centrally managed features, including firewall and application controls, said San Francisco-based Zone Labs. The system integrates transparently with network infrastructure to deliver policy management, enforcement, and monitoring, the company added.

Endpoint security is a mainstream issue for todays enterprise; facing a landscape of evolving risk, customers understand each vulnerable PC and the important data it contains must be secured, said Frederick Feldman, vice president of marketing for Zone Labs.

Zone Labs said Integrity 2.0 provides proactive protection from targeted attacks and network infiltration. It also guards against these risks whether one accesses the network from a remote location via a virtual private network or from inside the corporate firewall. Integrity 2.0 makes it easier for administrators to design and enforce consistent security policies, the company added.

In addition to preventing Trojan horses, spyware, and other malicious programs from stealing data, Integrity 2.0 adds component control to ensure only authorized and authenticated application components can load, the company continued.

Pricing for Integrity 2.0 varies depending on volume purchased and configuration, said Zone Labs. Fees begins at $65 for an end-user license, with an Integrity server license included. The Integrity server supports Windows 2000 and Windows 2000 Advanced Server systems, while Integrity clients run on Windows 95, 98, 2000, NT, and XP machines.

Further information is available at www.zonelabs.com.

iolo technologies, LLC, showed its System Shield utility, which helps prevent identity theft, security attacks, corporate espionage, and malicious extraction of private files.

According to Pasadena, Calif.-based iolo, identity theft is becoming the worlds fastest-growing crime, affecting an estimated 500,000 to 700,000 people annually. The FBI also is investigating an increasing number of cases of corporate espionage in which hackers and disgruntled employees have obtained and sold confidential company data and trade secrets, resulting in the loss of millions of dollars, the company said.

System Shield works on all Windows operating systems (95, 98, ME, NT4, 2000, and XP) and with all types of hard drives and Windows formats, said iolo. The software comes in both Personal and Professional editions.

The Personal Edition acts as a shield against any software-based attacks, the company explained. It purges the names of deleted files from directory structures and overwrites deleted file contents. Users can automatically schedule unattended data cleanup operations.

The Professional Edition contains all the features of the Personal Edition plus additional functions. These include protection from forensic hardware-based recovery and custom data wiping signatures. It is fully compliant with U.S., German, and all other published government-level secure data disposal specifications, said iolo.

A single-user license for System Shield Personal Edition is priced at $39.95, while the Professional Edition is $129.95, the company noted. Volume pricing is available. A 30-day evaluation copy of System Shield can be found at http://www.iolo.com/ss.

Intego Inc., makers of firewalls for Mac users, announced it is entering the Windows market with Intego NetBarrier 2003, a robust collection of firewall, anti-vandal, privacy, and monitoring tools designed to protect PC users from Internet threats.

According to Miami, Fla.-based Intego, NetBarrier 2003 combines a set of anti-hacker safeguards with both predefined security rules for mainstream users and the ability to customize rules for power users and network administrators. Other features include Web site and keyword-based filtering to prevent users from accessing or exporting selected content, and incoming-call blocking for modems.

NetBarrier 2003 operates with Windows 98, ME, NT, 2000, and XP, said Intego. It can be downloaded from www.intego.com, or purchased at major computer chain outlets at an MSRP of $49.95.

Griffin Technologies, LLC, announced SecuriKey Personal Edition, which controls access to laptop or desktop PCs.

Designed for use in portable computing environments, the new product combines a key-like token with software security technology to ensure professional- strength protection against unwanted PC use, said Lawrence, Kan.-based Griffin.

Even if a laptop is stolen, the computers important data remains safeguarded against unauthorized use, the company explained. A variety of access options and security protocols are available for SecuriKey, including two-factor (token and password) user authentication. The product also enables partial access without user authentication where this is needed.

SecuriKeys USB token attaches to any key ring and plugs into a computers USB port, the company noted. Each kit includes two tokens.

Utilizing SecuriKey Personal Edition, users can safeguard sensitive, valuable, or proprietary information such as personal financial data, said Griffin. Users also can restrict access to files and folders, the Internet, or specific applications, while allowing the rest of the PC to be used normally.

MSRP for SecuriKey Personal Edition is $149, the company said. More information is available at www.securikey.com.

Access Denied Systems also unveiled a combination of a key-like USB device and security softwarethe CyberKey Security System.

The product uses a USB memory device manufactured by CyberKey and software from Access Denied to control access to PCs and computer networks using the Windows 2000 or XP operating systems, said St. Louis-based Access Denied.

When users insert the CyberKey device into a computers USB port, the system checks to see whether or not the inserted key is authorized for use in that computer, the company explained. In multi-user, multi-workstation environments, the system allows authorization of unlimited users for a workstation, or a user can be authorized for an unlimited number of workstations.

The CyberKey Security System is available with encrypted memory ranging from 16MB to 2GB. Users can install software and store files on the device when it is attached to the computer. When the user removes the device from the USB port, the computer screen is blanked out and both the mouse and keyboard are locked, said Access Denied.

Pricing information was not provided. Further details are available at www. accessdeniedsystems.com.

SentryBay Corporation introduced ViraLock, which it said is the first software to prevent the spread of computer viruses via e-mail.

According to Newport Beach, Calif.-based SentryBay, the new product takes the approach of trapping viruses instead of trying to identify and block them. ViraLock encrypts e-mail addresses in Microsoft Outlook and Outlook Express. As a result, invading viruses cannot find and use e-mail addresses to send themselves out, said SentryBay.

The company added ViraLock stops mass-mailing viruses such as Klez and Bugbear, as well as new, unidentified viruses.

The software is compatible with and complementary to major antivirus software productsand does not require regular updating to be effective, the company noted. Anyone who has ever been hit by a mass-mailing virus has experienced the embarrassment, cost, and damage to reputation from passing a virus to business contacts, family, and friends, added Marcus Whittington, vice president of marketing for SentryBay. Also at risk is the potential spreading of confidential information with the virus.

The product works with Windows 98, ME, NT, 2000, and XP, the company said.

ViraLock is priced at $19.95 for a single-user license, with discounts available for volume orders, said SentryBay. It can be purchased and downloaded at www.viralock.com. A free 30-day trial version can also be downloaded from the site.