Only a quarter of midsize insurers have implemented mobile device management (MDM) software for their employees who participate in bring-your-own-device (BYOD) access to their systems, according to a survey by analyst firm Novarica.
While allowing BYOD access to systems at about the same rate as large insurers -- defined as those with more than $1 billion in premium -- midsize carriers tend to eschew technologies such as Good Technology, MobileIron and AirWatch that help them manage those remote devices.
"We strongly recommend that all insurers carefully consider their security provisions for BYOD and consider the benefits of using an MDM platform if they are not already doing so," Novarica says in the survey, which included 22 large insurers and 64 midsize. "Companies need to have remote-wipe capabilities to delete information from lost devices or from the devices of employees who leave the company."
[Good Technology reports that financial services companies are BYOD leaders.]
That's despite the fact that in some cases, midsize insurers allowed more BYOD access than their larger counterparts: 89% reported that at least some employees could use their smartphone to access corporate systems, compared to 68% of larger companies. The percentage allowing all employees access was 32% for large companies and 31% for midsize.
The little statistical difference between midsize and large companies in terms of allowing access belies the fact that invariably, that access must at some point end -- and it is imperative that insurers build in some safeguards for their data.
"Managing security and confidential information on personal devices is an evolving practice that insurers need to stay current with," Novarica adds. "Security protocols (passwords, time-outs, not storing unencrypted information on the device, etc.) on personal devices must meet general corporate standards."