ARE INSURANCE CARRIERS READY TO JUMP INTO THE CLOUD?
In increasing numbers, enterprises around the globe are adding public clouds to their technology portfolios.
Property/casualty insurers have started getting their feet wet with moves to cloud computing for noncore office and support service functions. But they won’t realize the full benefits until they start moving mission-critical workloads to a cloud environment, according to Aviv Cohen and Meryl Golden of Earnix, who outline the benefits and address concerns about privacy and security.
According to Forrester, adoption of public clouds by all types of business enterprises will cross over the 36 percent mark this year. Gartner research shows public cloud services grew more than 17 percent worldwide in 2014 to $152 billion and will grow 16 percent in 2015 to $177 billion. Gartner also predicts total spending on public cloud services for all segments will reach $282 billion through 2018. This means that cloud services are becoming the bulk of new IT spend by 2016.
The insurance industry, by its very nature, is heavily regulated and sensitive to risk. Though it has been a user of IT and business process outsourcing and offshoring for quite a while, the industry has been perhaps slightly more reticent than other industries to embrace public cloud computing, at least initially. But this is changing—and fast. Nowadays, the potential of cloud computing no longer is a topic of debate in the insurance industry, and adoption of cloud services is beginning to ramp up.
The cloud is an ideal fit in cases of highly variable or unpredictable workloads or budget constraints and where several customer-facing, time-sensitive applications need to integrate efficiently.
Carriers are warming up to the cloud by using public clouds initially for noncore office and support functions, such as marketing automation, salesforce management and call centers. Others have taken a different path and are utilizing a cloud-based infrastructure or application for compute-intense actuarial and reporting tasks. These tasks often are time-consuming and require complex computational capacity, with a great deal of seasonality in demand. For example, statistical modeling of large datasets is one of the most common, repetitive tasks that are performed for pricing, underwriting and even marketing.
Finally, there are a few instances of carriers utilizing cloud for core-related applications—including policy administration, claims and billing systems—and even more are considering moving their IT applications to the cloud over the next few years. Gartner recently reported that more than 50 percent of surveyed carriers currently are using cloud services and more than 20 percent are planning to do so by 2017. (“Gartner Survey Analysis: Cloud Adoption Across Vertical Industries Exhibits More Similarities Than Differences,” Feb. 18, 2015)
Increasing Interest in the Cloud
There are several clear reasons for the transition of insurance companies into the cloud environment, including budget constraints and operational benefits.
The full potential of cloud computing is about much more than a cost-focused return on investment. It is about creating value for the clients.
With much of their current budget going toward maintaining or replacing their complex, information-rich core systems, carriers are looking for ways to improve operating expense ratios and liquidity. They are doing this by reducing capital expenses and replacing upfront capital infrastructure expenses with low variable costs that scale with the business. A quick comparison between the annual cost of a cloud server, ranging from $5,000 to $9,000, and an internal IT server that would range from $12,000 to $18,000 (including total cost of ownership or “footprint” cost of around $1,500 annually), reveals the clear financial benefits of transitioning to the cloud. (Editor’s Note: TCO measures of technology costs typically include expense items related to maintenance, upgrades, service and support, security, training, licensing, infrastructure or floor space, backup and recovery, and insurance.)
But although any change to a business process must justify itself in terms of cost and effort, the full potential of cloud computing is about much more than a cost-focused return on investment. It is about creating value for the clients.
For the insurance industry, moving to the cloud offers several layers of operational benefits.
Deploying new pricing models into the cloud environment can take a few days as opposed to weeks when deployed on an internal IT environment.
Increasing competition in the market and the growing number of nontraditional players force carriers to move fast. They need to handle big data on one hand and bring services to market quickly on the other hand. Complex applications, data warehouses, server software and new business solutions designed to meet these challenges require a great deal of computing power. While legacy IT infrastructures may hold them back, the cloud lets carriers respond to changing market conditions, speed delivery of products to market and scale as required. Deploying new pricing models into the cloud environment, for example, can take a few days as opposed to a few weeks when deployed on an internal IT environment.
While operating on the cloud, any additional resources that are needed can be easily added. Furthermore, these resources can be downsized when demand dies down. The flexibility to accommodate this fluctuating demand cannot be mirrored in a fixed environment, and certainly not for short-term requirements.
On the cloud, carriers can consolidate their core systems and technology, such as policy administration, underwriting and claims to lower costs and improve agility. This move creates a more flexible enterprise by streamlining product development processes, addressing workloads and adopting agile technologies.
The cloud environment can support direct, multichannel relationships with customers. It provides a central place to house applications where collaboration can flourish in real time, between sales agents, employees, field representatives and developers. It also addresses the need to present customers with coherent interactions across any channel they use.
Is It Safe?
Even when the promised potential value of cloud computing has been proven, cloud computing still is perceived as less secure than on-premises servers. This is more of a trust issue than it is based on any reasonable analysis of actual security capabilities.
As the sophistication of cyberattacks rises, individual companies are struggling to keep up with the latest in platform security while maintaining day-to-day operations. On the flip side, the majority of cloud providers invest significantly in security technology and personnel because they realize that their business would be at risk without it. They provide their services in highly secured and controlled platforms, delivering a wide array of security features that customers can use, as well as having industry and independent third-party internationally recognized certifications. These include standards like ISO 27001, FIPS 140-2, HIPAA, SOC 1/SSAE 16/ISAE 3402, PCI dds3.0 and FedRAMP.
As a result, companies may obtain better security when operating in a cloud environment because they receive best-in-class security features and can choose to work with vendors that make security a top priority. Security patches are applied automatically to each component of the environment, regardless of the company’s own IT procedures and resource availability. To date, there have been very few security breaches in the public cloud; most breaches continue to involve on-premises data center environments. (Source: Gartner Highlights the Top 10 Cloud Myths, Oct. 1, 2014)
Vivek Kundra, former Federal CIO of the United States, once asserted: “Cloud computing is often far more secure than traditional computing because companies like Google and Amazon can attract and retain cybersecurity personnel of a higher quality than many governmental agencies.” (Kundra made the assertion in an Op-Ed piece in the New York Times titled “Tight Budget? Look to the ‘Cloud,’” published Aug. 30, 2011.)
Large companies—including IBM, Microsoft, Oracle and SAP—are embracing the cloud and trying to find ways to move their customer bases there. Many early customers of cloud services were startups, but today the list includes most of the Fortune 500 and even the U.S. government and CIA. Alcatel-Lucent, Aon, Comcast, Dow Jones & Co., Ericsson, The Financial Times, Guardian News, Johnson & Johnson, NASA, The NASDAQ OMX Group Inc., Novartis, Pfizer, Philips, Siemens, Suncorp and FINRA are just part of the very long list of companies listed as Amazon Web Service (AWS) users.
Cloud Benefits for P/C Insurers
- Lowers costs by eliminating total cost of ownership (TCO) and reducing capital expenses, replacing upfront capital infrastructure expenses with low variable costs that scale with the business.
- Meets computing power demands for complex applications, big data warehouses and others.
- Allows insurer to respond to changing market conditions, speeding delivery of products to market.
- Supports multichannel relationships, addressing the need to respond to customers and allowing real-time collaboration between agents, underwriters, field reps and product developers.
For carriers, the main concern has been putting their data—their most valuable virtual asset—out there on the cloud. At Earnix, for example, our customer base initially was hesitant about cloud adoption, but they now have realized that cloud security meets and even exceeds their own IT standards. Earnix provides advanced integrated customer analytics and predictive modeling software solutions that can be integrated into a carrier’s core systems, and as such this was a genuine concern to them. We have been able to address this concern by making sure no personally identifiable information (PII) data will be transferred to the cloud and by presenting strict cloud security protocols including an isolated virtual private cloud (VPC) for each customer, dedicated tenancy, two layers of firewalls (Earnix and cloud), role-based access definitions, role separation, and advanced monitoring and alerting systems.
Cloud Basics: Knowing Where to Start
There are three cloud computing categories: software-as-a-service (SaaS), infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS). Cloud services are broad and can span multiple levels, models (“lift and shift,” cloud native), scope (internal, external) and applications. It is not a one-size-fits-all solution; there have been some instances where a perfect fit for certain categories and specific models have accrued. (See related article, “Cloud Benefits: Understanding Terms.”)
The cloud is an ideal fit where value is placed on flexibility, agility and scalability. Examples include cases of highly variable or unpredictable workloads; where there are budget constraints or obvious room for savings; where several customer-facing, time-sensitive applications need to efficiently integrate; and where self-service provisioning and reprovisioning are key.
Defining a cloud strategy begins by identifying business goals and mapping potential benefits of the cloud to them while mitigating the potential drawbacks. Cloud should be thought of as a means to an end, not as a goal unto itself.
Defining a cloud strategy begins by identifying business goals and mapping potential benefits of the cloud to them…Cloud should be thought of as a means to an end, not as a goal unto itself.
Cloud computing is not an all-or–nothing decision. To realize the promise of flexibility, scalability, faster time to market and cost savings offered by the cloud, carriers don’t have to fully integrate into the cloud. The cloud can and should be adopted in stages and in specific cases. Carriers can choose to get their feet wet with ancillary functions and systems, rather than those systems that power their core insurance business.
As carriers learn to trust the cloud, they can progress beyond using it for auxiliary purposes only and move toward using the cloud for mission-critical workloads. Some of these uses are true cloud services (SaaS, cloud native), while others are hosted models where cloud benefits are lower but still represent a legitimate use.
Hybrid solutions also can play a key role, along with cloud bursting—i.e., running an application in a private cloud or data center and then bursting into a public cloud when the demand for computing capacity spikes.
In a world of increased digital interaction and data collection, the cloud holds a great promise that prepares organizations for future growth with a next-generation platform.
Sources of the statistics on cloud usage and cloud risks cited in this article include:
- The Forrester Wave: Enterprise Public Cloud Platforms, Q4 2014, Dec. 29,2014
- Gartner Forecast Analysis: Public Cloud Services, Worldwide, 4Q14 Update, April 10, 2015
- Gartner Survey Analysis: Cloud Adoption Across Vertical Industries Exhibits More Similarities Than Differences, Feb. 18, 2015
- Gartner Highlights the Top 10 Cloud Myths, Oct. 1, 2014