May 22, 2014

Cloud computing concepts were first proposed by J.C.R. Licklider and John McCarthy in the sixties. Licklider was instrumental in setting up ARPANET, a distributed network that connected computers in universities across the USA and you could share computing among researchers and students. McCarthy proposed the idea of computing being delivered like a utility using a grid that would allow economies of scale. These ideas were ground-breaking and futuristic, and today developments in processing power, storage and internet bandwidth have translated these ideas into working cloud computing models by companies like IBM, Amazon, Microsoft and Google. These companies have invested millions of dollars in building robust infrastructure and data centers on a massive scale. This has lead to economies of scale that most IT departments cannot compete with. Companies like Salesforce.com pioneered the software-as-a-service (SAAS) model and today most enterprise applications can be delivered in this manner.

Ravi Koka
Ravi Koka, Polaris Software Labs Inc.

So what is holding up insurers from embracing the cloud? The most frequent argument against a public cloud is the vulnerability of private data and possible leaks. There is sufficient expertise and technology on data encryption and cyber security and it is possible to build a secure way of leveraging the cloud without compromising privacy. In fact the move to the cloud will require companies to design for security and currently internal IT networks are equally vulnerable to attacks, as we have seen recently in several reported losses of private data by various organizations. Vendors of electronic health records are offering the application to physician offices on the cloud which are HIPAA compliant. It is therefore not an issue to offer insurance applications in a SAAS model. We are beginning to see more vendor applications in insurance in this model. This will particularly benefit small and medium insurers who are currently hindered by their legacy infrastructure.

In the book The World is Flat, Thomas Friedman writes that "cheap, ubiquitous telecommunications have finally obliterated all impediments to international competition, and the dawning 'flat world' is a jungle pitting 'lions' and 'gazelles'". This transformation is upon us and the early adopters will get ahead of their competition. A recent Protiviti survey of CIOs concluded that 63% of them saw a major IT transformation underway. Legacy infrastructure has been often compared to old cities that have narrow roads that cause traffic bottle necks and create friction for economic growth. Cities that embraced new technologies like mass transit and freeways were able to handle dramatic growth and shift in their economies. Insurers can take a page from successful city plans and chalk out an affordable transformation strategy that leverages the cloud and enables a quantum leap from their aging infrastructure.

[Previously from Koka: The Key to Unlocking Mobile Insurance Sales]

The safe path is to start with customer facing applications hosted on the cloud with a hybrid approach to data storage. Critical customer data could be permanently held behind the firewall and served up as needed to the cloud applications. Data that needs to be private can be encrypted when in transit and when displayed in the browser or mobile app. The level of security control a client organization has depends on the cloud model. Infrastructure as a service provides the maximum control to the client and SAAS would be the least and the client is dependent on the controls provided by the cloud service provider. There are several data security standards and audits, like SAS 70 and PCI DSS that help in ensuring that you are compliant with generally accepted guidelines.

The right cloud model will depend on an organization's goal and justification for making the move. If the goal is simplification of the IT systems, reduction in operational costs and the ability to leap frog and have access to the latest technologies like big data, customer experience then SAAS would be the way to go. However if the desire is only to cut cost and retain greater control over IT environment and security then infrastructure- or platform-as-a-service should be considered. The time to for CIOs to look at options and move ahead is now.

About the author: Ravi Koka is CTO, Insurance Products, at Polaris Financial Technology Ltd.