News

12:05 PM
Connect Directly
Twitter
Facebook
Google+
RSS
E-Mail
50%
50%

Magna Carta's CIO Reports Remotely on Carrier's Readiness

CIO David Lawless reports that the NYC-headquartered company's Northeast employees are working safely from home, thanks to virtualization, and that Oregon-based claims staff are at the ready.

David Lawless
David Lawless, Magna Carta Companies
The Park Avenue headquarters of Magna Carta Companies is closed today, and the Manhattan-based P&C carrier's CIO is not at his desk. In fact, David Lawless is working as an EMT today, something he's been doing on a volunteer basis for the last three years. While based in Scarsdale, there's a chance Westchester County's EMS resources may be called to harder-hit areas, perhaps Long Island or N.J., Lawless reports. However, his preparations as CIO have made a potentially devastating storm less of a threat to his company in his temporary absence.

Mr. Lawless took some time to report to us about Magna Carta's preparations this morning:

The safety of our employees is of paramount importance to us, therefore our New York City, Boston and Princeton, N.J. offices are closed today. We are preparing for their possible closure on Tuesday as well. Our management team is having regular conference calls to keep updated on the storm and to monitor the company's response.

From a claims handling perspective and for the duration of the storm we will use our property/liability claims staff based in Portland, Oregon. Calls into the company will be answered in Portland, where our claims clerical staff will handle the intake and then our claims examiners will then dispatch field staff from home or dispatch third-party adjusters already in place.

We are well situated from a technology perspective. Our primary data center has enough fuel on hand to run for 15 days before refueling and our secondary site has the data replicated. Mission-critical systems and other components are updated every 15 minutes, and less-used systems like HR are updated hourly.

Since we implemented a virtualized desktop infrastructure (VDI) earlier this year, our staff is able to get their identical computing environment from home, regardless of what type of system they have Windows, Mac — even iPad. So from a processing perspective we won't miss a beat.

With the advent of these technologies geographic spread of resources goes a long way in managing major events.

On separate note, we will have our phone system virtualized before the end of the year, so that users will get their office phone environment wherever they log in. So for the next event we expect our processes to be even more seamless.

For more on Hurricane Sandy, see As Sandy Approaches, Report Questions Whether We'll Know About the Next One

Anthony O'Donnell has covered technology in the insurance industry since 2000, when he joined the editorial staff of Insurance & Technology. As an editor and reporter for I&T and the InformationWeek Financial Services of TechWeb he has written on all areas of information ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.