Consider your agency integrations before you accidentally walk the plank.
By Kitty Ambers, CIC, CPIA, CISR, Chief Growth Officer at AVYST
Strategies, guidelines, and protocols for Reopening America are hitting headlines on both micro- and macro-levels. Churches, schools, restaurants, offices, salons – every business and organization imaginable is having to rethink and retool how they connect and interact with their patrons and the greater public.
Personally, I’ve been asked to sit on our church “Back-in-Person” (BIP) Task Force to work through the 48-page document provided to us by our conference leadership. The requirements outlined, in addition to our state-issued mandates, impact decisions we must make to ensure a safe reopening of our campus.
It occurs to me that the process of crafting new and stringent protocols to ensure the safety of people as they interact is not unlike sifting through the complexities of technology integrations. There are systematic things to address and there are protocols required to ensure safer interactions.
Cybersecurity is a top concern of lawmakers, business owners, and consumers alike. As insurance professionals, data protection must be a critical consideration when selecting new applications and technology solutions.
The term “API” has been a major topic of conversation when it comes to improving efficiency. InsurTechs routinely tout the use of APIs to speed the exchange of data across the insurance channel. Agents have become conditioned to think that these Application Programming Interfaces (APIs) are the holy grail and that they are naively safe and secure, but this is often not the case.
I encourage you to approach technology integrations with caution. Here are three suggested protocols to consider before opening your technology platform to others:
- Understand what APIs you’re using, for what purpose, and how they work.
According to SearchSecurity, “Implemented securely, APIs can allow an enterprise to leverage its own and others’ data with ease and security. Implemented badly, they can be leveraged by hackers to attack an enterprise and its users.” Further, Twistlock cautions, “APIs can create additional security risks, as they increase the number of ways in which malicious actors could get into applications and cause chaos.”
- Stay abreast of Cybersecurity Legislation and how it impacts your firm.
As noted in the April / May newsletter from the National Conference of State Legislators (NCSL) Cybersecurity Task Force, ten states have now adopted the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law. These are Alabama, Connecticut, Delaware, Indiana, Michigan, Mississippi, New Hampshire, Ohio, South Carolina, and Virginia.
Connect with your state association to learn how to comply with these evolving requirements.
- Ensure your technology solution providers have legal permission to “integrate.”
This is where the Vertafore Orange Partner Program is so valuable for Vertafore customers. Vertafore understands and supports the reality that the insurance community has needs beyond those served by Vertafore solutions. Through vetted partnerships, Vertafore brings together best-in-class capabilities that are complementary to Vertafore solutions. These formal agreements empower Vertafore customers to confidently take advantage of more secure integrations.
At AVYST, we are focused on ensuring your client data is secure – both at rest and in motion. Part of this focus includes promoting user education. To understand more about cybersecurity frameworks and suggested protocols, listen in on our recent InsurTech Talk featuring Dustin Moody of RigidBits who explains Three Common Misconceptions of Cybersecurity.
As a Vertafore Orange Partner, AVYST now has bi-directional integration available with AMS360 for commercial package, with more lines of business on the way. And, as part of the In It Together initiative, we are pleased to make our eForms Wizard software available to all Vertafore users at no charge through July 31, 2020. To learn more and sign up, visit our Partnership Page.
Ahoy, mate! Protect the treasure that is your data.
As always, we invite you to leave a comment, question or suggestion for a future blog topic. Check out past posts at AVYST.com/blog.