SOC it To Me

/0 Comments/in /by

Fact of life: Data and the processing and transactional functionality that makes use of that data has to reside in a secure environment. Given the number of data breaches that have occurred this year alone, that’s self-evident. So, when the organizations with which you work are reported to be compliant with SOC and other data-security requirements, that compliance is not to be taken lightly. Here’s why:

Who’s Watching?

Compliance indicates the processes and practices within the organization have required levels of oversight. Monitoring is in place for unusual activity, configuration changes are authorized, and access is granted only to approved users. Normal activity is baselined to make deviations readily apparent and to determine the presence of potential threats.

Compliance also indicates adequate alerts and audit procedures are in place to:

  1. Ensure awareness aberrant activity and to initiate a corrective response.
  2. Identify the root causes of aberrant activity to ensure appropriate remediation.
  3. Trace aberrant activity forensically to determine its source, its path in the system, the parts of the system affected, the nature of the affect, where it might go or what it might affect next.

But Who’s Accounting?

Compliance with SOC and other data-security requirements also means personnel within compliant organizations are accountable to their customers and to each other for upholding the terms of compliance. From preventing breaches to identifying potential weaknesses, from shoring up potential weaknesses to remediation if it’s required, the appropriate people in audited organizations are on notice and on the hook. They should also be responsible for conducting regular assessments on patch management, vulnerability management, and overall system-security management — and reporting the results of those assessments to all of their data- and system-security peers in the organization.

If you’re not sure if the organizations with which you work are compliant with data-security requirements, here are a few things you should do:

  • Ask if the organization has any data-security policies or procedures in place.
  • If so, ask what they are.
  • If not, worry … a lot … and find a new home for your data.

Some things are worth worrying about more than others. The security of your data is one of them.

Getting to Know You

/0 Comments/in /by

Before people fully realize we’re an insurance-focused, software-development shop, they often think we’re Rogers and Hammerstein fans. For a while, we weren’t sure why that was. Then it hit us.

One day, we were on a conference call with a prospect. The discussion went something like this:

Prospect: What the most important thing to you?
Us: Getting to know you.
Prospect: I love that show!
Us: Huh?
Prospect: Never mind.

After the call, we looked up “Getting to Know You” and found out what all the confusion was about. Now we can’t get that darn tune out of our heads.

The Big Picture

Kidding aside, maybe we’re nosey or something; but we like to know our prospects’ businesses before we formalize relationships. To us, that seems more sensible and more productive than signing contracts — then trying to figure out what needs to be done.

So, over and above all the other activity it takes to be identified as their preferred vendor, we typically go to our prospects’ locations and spend three days with them. It gives us the chance to get acquainted with them. It lets us get to know their environments. It helps us to understand their cultures and the ways in which their people interact. It’s a more effective way to familiarize ourselves with their processes and to more completely identify their preferences and define their requirements. And we wouldn’t want this to get out, but it’s also fun.

A Word About Trust

The other reason getting to know you (not the song) is so important to us is that it gives us the opportunity to establish mutual trust. Like honesty and integrity, trust is something that can’t be establishes through talk or writing. At least initially, it has to be earned, ideally face to face. Then it has to be demonstrated — early, often, and with absolute consistency.

So, yeah. Getting to know you is important. And while we might not be as musical as Rogers and Hammerstein, we’ll stick to this tune as long as it works for us … and for our customers.

And based on our customers’ feedback, we do seem to be hitting all the right notes.

Upgrades: What’s Timing Got to Do With It?

/0 Comments/in /by

We love the periodic notices we get from various entities with which we work in our personal lives, entities like banks, mortgage companies, auto-finance companies, credit-card companies, and others. They typically go something like this:

PLEASE NOTE: Our system will be shut down for the Holidays. As a result, it will be offline from New Year’s Day to Christmas Day, during which time you’ll be unable to check anything, schedule anything, pay anything, or withdraw anything. We apologize for any inconveniences this may cause you, including but not limited to headaches, bouts of anxiety, defaults, foreclosures, repossessions, liens, derogatory credit reports, or Nasty-Grams from any of your creditors. Have a nice day.

We’re a software shop. We get the fact that software and systems upgrades are necessary and always will be. But does their timing have to be arbitrarily predetermined? And if we extend the necessity of upgrades from our personal lives to our businesses, what does that timing actually have to do with your business and its needs?

Everything.

It’s About Time

Every provider of every kind of software or system to any kind of business in any industry has to provide things on occasion — upgrades, updates, patches, bug-fixes, new versions, and whatever else might be necessary. If those providers ask you anything at all (sometimes they don’t), they usually ask just two questions:

  1. Are you ready?
  2. How ‘bout now?

We think a few other questions might be in order:

  • Do you need it?
  • Do you need it now?
  • Do you have other, more important operational considerations right now?
  • Do you know when the upgrade will help you the most or be most advantageous?
  • Will you let us know?

That might not be the best way to go about things, but it seems to be the most beneficial.

Common Sense

We don’t know why common sense seems to be so uncommon. But we do know it makes sense to let customers have upgrades at the right time and to let them determine the right time.

Upgrades on your time. That seems pretty common-sensible.

Get in Their Interfaces

/0 Comments/in /by

In a conversation about user interfaces the other day, we were reminded of the old saying, typically attributed to an unnamed doctor: “The operation was a success. But the patient died.”

We’re not equating software developers to doctors by any stretch. But it does occur to us that the best software (by any criteria) could give the effect of being DOA if it had an ineffective (by any criteria) user interface.

And there’s another important thing to consider.

Age Isn’t Just a Number

To those of us who aren’t getting any older, this may not seem like a big deal. But it would seem that users of software are getting younger. For the insurance industry, that means agents, CSRs, policyholders, claims adjusters, TPAs, and others that need access to our systems are already accustomed to newer, more intuitive, and very user-friendly technology. To them, legacy interfaces feel like trying to perform surgery with a dull butter knife.

That suggests that — aside from aesthetic appeal and clean simplicity — user interfaces should be:

  • Easy to use. The easier they are to use, the more work will be accomplished.
  • If users of interfaces can manipulate them to do what they need them to do, the way they want to do it, they’ll be more motivated and efficient, as well as more productive.
  • Whether it’s driving tasks in the workflow, completing routine tasks, escalating exceptions, or myriad other activities, automation enables people to spend less time engaged in mundane repetition and more time engaged in more strategic contributions to their organizations.

And there’s yet one more thing to consider.

Going Mobile

The Who might have been singing about an entirely different kind of mobility in 1971, but they were on the right track (so to speak). Interfaces that aren’t optimized for and responsive to mobile devices and their designs will be used less frequently. It’s as simple as that. And if your interfaces aren’t going mobile, your expectations should be lower because the number of users certainly will be.

If your constituents can’t access your systems on their smart phones, tablets, and other mobile devices to get updates, conduct transactions, and communicate with the requisite parties, they’ll work with someone else whose systems allow them to do all those things.

If we’re smart, we’ll be all up in their interfaces.

What Constitutes Your Infrastructure?

/1 Comment/in /by

According to dictionary.com, infrastructure is defined as:

  1. The basic, underlying framework or features of a system or organization
  2. The fundamental facilities and systems serving a country, city, or area, as transportation and communication systems, power plants, and schools.

The insurance industry typically considers infrastructure to mean the technological architectures within which hardware and software are purchased, deployed, run, and maintained.

Considering the fact that we couldn’t find any people in that definition — and since we haven’t reached the point at which AI and RPA enable hardware to purchase and install itself or software to program and implement itself — we think it’s a little narrow. Nor does it allow for the fact that software enables people to contribute to their organizations intellectually, as opposed to menially and mechanically, by automating menial, repetitively mechanical processes.

Infrastructure v2

We think we can (and should) give infrastructure a broader, more all-encompassing definition. Something more like this:

The resources, human, financial, and technological, by which the enterprise constitutes, operates, and sustains itself.

If we choose to define infrastructure that way (life is about choices), a number of productively beneficial things will happen:

  • We’ll define requirements for hardware and software more completely and accurately because we won’t forget the people who have to use the hardware and software we procure and deploy.
  • We’ll be more likely to procure the hardware and software that will be most beneficial their respective organizations because we won’t forget the people who have to use the hardware and software we procure and deploy.
  • We’ll achieve more favorable outcomes because we won’t forget the people who have to define, procure, and use the hardware and software we procure and deploy.

One More Thing

The notion of people, product, process used to be so popular there were graphics and videos created to promote it. What happened? We don’t have any intentions of selling products short — ours or anyone else’s. But the idea of products without people to buy, use, and benefit from them is curious and shortsighted at best.

“The bots are coming! The bots are coming!” has become the latter-day equivalent of “The sky is falling.” We know the bots are coming. They’re inevitable. They’re even beneficial. But the activities they perform are programmed — by people. They’re not the result of spontaneous, inventive, electronic ingenuity.

We don’t have to broaden or our horizons all that much to make sure our definition of infrastructure is adequately inclusive. All we have to do is include people.

That’s just one more thing. But that one more thing is the most important element in the definition.

Let’s do it.


People, product, process image © videoblocks.com.

Build vs. Buy … Still?

/0 Comments/in /by

The insurance industry’s debate over whether it’s better to build systems or to buy them dates back almost 3,772 years to the reign of King Hammurabi in Babylon. Within the Code of Hammurabi, the first written insurance policy was inscribed into a Babylonian obelisk. It indemnified debtors against re-paying loans if some personal catastrophe made recompense impossible.

After the Babylonian Treasury had underwritten a number of risks and needed a way to administer them, Avil Kush, the kingdom’s CFO, CTO, COO, and CWW (chief worry wart) arrived at the palace to discuss the matter with the King:

Avil: Your Majesty, since the bar chart hasn’t been invented yet, we must build enormous columns of rocks with which to keep track of our premiums and claims.

Hammurabi: Wadda you, nuts? Why would be build it ourselves? Call Nargal-sar-ussur at Marduk Megasystems and have him implement it.

Okay. None of that actually happened. But the debate rages on. We think we can settle it once and for all.

Two Questions

To decide whether it’s better for insurers to build or buy their systems, we need to answer two questions:

  1. How do we define better? We won’t presume to answer that question. But we will suggest the perennial challenges of profitability, compounded by the changing nature of system requirements, might make it a little daunting for insurers to define better as DIY.
  2. As an insurer, would you rather be in the insurance business or the technology business? We won’t presume to answer that question, either. But we will state (proudly, if we may) that we put 22 percent of our annual revenue back into continual development and refinement of our product suite. That kind of investment on an annual basis might be a tough nut for insurance company shareholders, stakeholders, and employees to swallow.

To cite another ancient king, the resolutions of this dilemma might not require Solomon.

Leave It to the Pros

We can’t speak for everyone in the insurance technology vendor community. But it’s a fairly safe bet most of them don’t write insurance on themselves. It’s equally fair to imagine there are numerous good reasons for that. By the same logic, then, it’s probably better, short term and long, for insurers to buy their systems, rather than to build them.

If nothing else, it seems like an astute division of labor, with or without stone columns.

Software as Job Security

/0 Comments/in /by

We’ve never conducted any kind of formal or official poll on this. But we’re willing to bet that if we asked most insurers and their employees if they considered their software to be an asset to their organizations and their people — or some kind of threat or liability — the majority would say the latter. Notwithstanding our own (hurt) feelings, that’s just not right. And vendors may be as much or more responsible for those sentiments as insurers.

What if, on the other hand, insurers considered their software to be an unconditional asset? And what if, rather than a threat of a liability, their people viewed the company’s software as helping them to make more valuable contributions to the organization? What if they saw the software, in fact, as a source of job security, helping them to make more valuable contributions to the organization, thereby increasing their value, their longevity, and their satisfaction? Would that be some kind of a pipedream? It shouldn’t be.

Higher Table Stakes

Insurance technology has advanced to the point at which configurability is an entry card. If their software doesn’t come with configuration tools, vendors won’t get a seat at the table, let alone be in the game. Those configurations tools free the people in IT departments to create business value — assess technologies, align IT with business goals, develop and maintain resilient, secure infrastructures. Given the rate at which configuration tools continue to advance, it’s not hard to imagine a day in which any BA can install any core-processing software in any insurance company. Another pipedream? Don’t be so sure.

The efficiencies enabled by software already reduce redundant data entry, while the portals provided by software allow increasing degrees of self-service and reduce the need for heavily staffed customer service departments. And if those efficiencies reduce the need for people to perform mundane, menial, and administrative tasks (they do), that means those same people can contribute more value to their organizations in higher-level, revenue-generating, risk-managing, and loss-mitigating positions. Call that a pipedream if you like. But it’s as inevitable as it is desirable.

Here It Comes

That sensation you feel is the rush of progress. The pipedreams are over. The future is here. And it brought reality with it.

Get ready, or get left behind.

A Funny Thing Happened On the Way to the Forum

/0 Comments/in /by

We had the opportunity to attend the NAMIC Farm Mutual Forum, which took place May 21st to the 23rd in Columbus, Ohio. And a funny thing happened on our way there. We were reading descriptions of the sessions to be conducted over the course of the Forum, and three of them, in particular, jumped out at us:

  1. Emerging Trends in Farm Technology
  2. The Benefits and Risks of Cloud Services
  3. Technology

If you’re anything like us, you realize those three sessions are topically related. In fact, from our perspective, they’re virtually inseparable. Here’s why:

Parts is Parts

To paraphrase a famous Wendy’s commercial, technology is technology. So, while Emerging Trends in Farm Technology cited the implications of GPS, smartphones, RTK positioning, and telemetrics (or telemetry) on the farming industry, we could drop farm from the title of the session and recognize that most industries are equally affected. The insurance industry is no exception.

By the same token, as a topic, The Benefits and Risks of Cloud Services is equally and broadly applicable. That’s why Forbes reported, “Cloud computing is projected to increase from $67B in 2015 to $162B in 2020.” It’s why Microsoft offers Office 365, even against sales of its own Office 2016 software. It’s why most of us use the cloud for file storage and data backup.

And the last session, Technology, included this in its description: “We’ll discuss the importance of technology … how technology applies to all generations … how to develop a technology implementation plan, a company website, social media accounts, and a paperless system.” It’s 2018, kids. If all of us aren’t doing all of those things, we’re not sure where we’ll be. But we’re sure we’ll be behind.

Accept the Inevitable

To his would-be rescuer, Robert Walton, Victor Frankenstein says, “Nothing is so painful to the human mind as a great and sudden change.” Fortunately, technology isn’t a monster (no parts-is-parts pun intended). And it’s not chasing us; although, it is relentless in its evolution. But that evolution constitutes more inevitability than great and sudden change. We’ll either accept and embrace technology, or we won’t. If we don’t, we should lower our expectations for our own evolution accordingly.

We didn’t expect be thinking about all this on the way to the Forum. That’s a funny thing.

Chickens, Eggs, and Language

/1 Comment/in /by

In the insurance industry, which is highly regulated but stubbornly non-standard, we seem to spend a lot of time explaining ourselves, don’t we? Do you ever wonder why? We have a theory:

We think it’s because of human nature.

As human beings, we’re not terribly interested in smallest, slowest, oldest, least capable, or most common. Give us bigger, faster, newer, most powerful, and avant-garde and we’ll be there every time. And so it is we find ourselves having to explain terms like insurtech, innovation, and disruption.

Words Matter

The insurance industry has been using technology for decades — from the mainframes of the 1940s to the databases of the 1960s, from Univac to IBM, from COBOL to Java, from client/server networks to the cloud. Insurance may not have been the first industry to adopt it. But adopt it we did. In that context, insurtech is just another term for what has always been insurance technology.

And pardon us for saying so, but — while the insurance industry is gradually adopting technologies available to all industries (AI, robotics, machine learning, and telematics) — there hasn’t been any new processing technology to speak of in insurance for at least a decade. And even if there were, we wouldn’t know what to do with it yet, given the nature of technology adoption and the (justifiably) conservative nature of the insurance industry.

We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run. (Amara’s Law)

Give Us Our Change

And then we have innovation and disruption. We don’t mean to make light of this war of withering words. But in circumstances like these, we have to leave room for a little humor, don’t we? If not humor, at least a little curiosity. So, here’s an experiment you can try at the next conference you attend:

Walk into the session entitled, “Disruptive Innovation in InsurTech”. Let everyone in the room off the hook by not asking them to define insurtech. Give them the benefit of the doubt and presume their perspectives on disruption are positive; that is, they generally assume disruption to have a positive outcome, rather than a calamitous one. Then ask them if they can tell you how innovation and disruption are different from change.

In the ensuring silence, tell them you’d like your change back.

We Have Work To Do

Our facetious levity notwithstanding, there’s serious work to be done in the insurance industry. So, rather than trying to decide which came first — the chicken or the egg; insurtech or constructive pragmatism; innovation or change where it’s needed; disruption or calm, shared progress — maybe we should talk about what needs doing right now.

We have no idea what tomorrow’s jargon will be. But we’re positive insurers have to do business today.

Let’s put our faith in practical experience and plain language to get it done.

Options Are No Longer Optional

/0 Comments/in /by

Are system configurations and product development sciences or arts? Depending on your perspective, they could be either or both. We’re not sure. But we are sure your technology should afford you the right to choose. Here’s our perspective:

Y2K was almost 20 years ago. What’s that got to do with anything? Much. The myriad computer-scientific achievements of Y2K’s post-compliance period defined the sub-industry we now know as insurance technology. And insurance technology’s come a long way in a short time.

A Brief Look Back

The last few years of the ’90s saw insurers catching wind of business potential for the Internet. Few had appropriate strategies. Fewer still began to develop them. But once they caught on, since the ‘Net accommodated systems that could handle high volumes of data, many insurers did precisely what you’d expect: They began tweaking their mainframes to make them accessible — and able to transmit data and transactions — via the ‘Net.

Fitting their mainframes with Web-based front ends, marketers and programmers joined forces to create things with big names like enterprise resource planning systems (ERP). With Y2K looming, mainframe-to-Web connection programs then bred other terms like knowledge mining and data mining to make us think we were doing something more significant than getting out what we’d put in. Then came the realization that we could say the trusty old mainframe provided security, large amounts of storage, and the capability of handling large numbers of sophisticated transactions.

But the mainframe’s days were numbered. Out of the increasingly limited procedural languages of COBOL, ForTran, DB2, and others came the lexicon of declarative query languages like SQL, JavaScript, and the programming equivalent of Esperanto — XML — that permitted greater functional literacy. And even those terms already sound ancient.

A Long Look Ahead

The late science-fiction writer, Arthur C. Clarke, wrote: “Any sufficiently advanced technology is indistinguishable from magic.” We’re not sure insurance technology has advanced to that point just yet. But with its combination of computer science and artistic configurability, it’s getting close.

No longer the exclusive domain of IT people, we’re rapidly approaching the point at which any BA in any insurance company will have the option to install and configure software — which will provide the option to develop and configure products and lines of business.

The options might not be magical. But they’re plentiful. And they’re no longer optional.