Cloud computing is growing in popularity among insurers and producers—and as usage evolves, so too is a thorough understanding of the risks involved, says Tim Francis, second vice president/enterprise cyber lead for insurer Travelers.
In one sense, the exposures for cloud computing remain very much the same as they are for an internal computer system: A potential cyber-attack or hacking could access and expose precious personal data. Or information could go missing or become exposed through negligence.
Cloud computing's disadvantage is that once a carrier or agency has turned over its data to the cloud, a degree of oversight is lost. And the ability to grasp the extent of a data breach is impaired, says Francis: "Control is limited, and you may not be allowed to look at the [cloud computing] information to identify what happened."
A breach could also be expensive "depending on what was compromised, and what needs to be fixed," he adds.
What could become especially costly is when a hacking results in a company having to provide precautionary credit checks for clients or, in some cases, even paying actual insurance claims.
The worst fallout is losing a client— which is made more frustrating when the compromise is through no fault of the carrier or agency.
Francis advises an agency take the following steps to protect itself and more fully understand its exposure:
The first is doing a thorough cost-benefit analysis to determine if it's even economical to move to a cloud server; it's imperative an agency understand the benefits and pitfalls behind cloud computing before embarking down this path.
Next, do due diligence on the provider. Before finalizing any decision to go with a cloud-computing vendor, have an attorney thoroughly review the contract. That review should note who is responsible for what parts of the agency's data.
Finally, agents need to obtain good cyber-risk coverage—which is something an agent should have anyway, regardless of whether data is handled in-house or through cloud computing. That coverage should address information ranging from hard documents to exposure through the cloud by hackers involved in a criminal enterprise.
"Cloud computing is just a buzzword that can lead one to believe that there is nothing to think about—but someone can't think that they are immune to exposure and risk," Francis observes.
"[Agencies] handle a lot of information, and with technology, when it goes missing it is in big chunks—and that has a material economic effect on an agency," says Francis. "Insurance can be an effective backstop to a wave of liability and cost."
He notes that there are a host of insurance-policy products that provide protection. And while some of these are solid, there are others that are deficient and may not protect the agency.
"Agents need to work with their carrier and make sure they are getting the most up-to-date product or to understand that if there are deficiencies [in the policy], what those deficiencies are and make some business decisions based on that," he adds.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
