How to securely manage mobile devices: The new insurance industry risk
In an industry that focuses on risk management, the explosion of mobile access has created a new form of risk in the insurance space: how to manage mobile devices.
Like almost every industry, insurers are facing disruption from increased mobility. Mobile consumers are now 17 percent more likely to complete an insurance quote request than desktop users, according to an EverQuote survey. At the same time, employees, contractors and agents are using mobile devices to improve productivity and streamline workflows such as claims processing.
However, with increased mobile use comes increased risk for fraudulent activity or data breaches. In an industry that handles a large amount of confidential customer information daily, there is real reason to be concerned about the threats mobile devices pose to an organization’s security.
As insurance companies move to take advantage of the opportunities mobile devices can provide, they must not forget the inherent risks that come with mobile access. Here’s a look at some primary challenges insurers face and how they can better manage mobile devices:
Internal mobile risks
To deal with lost or stolen devices and ensure personal devices meet general company security standards, insurance companies must have a way to remotely wipe company data from employee devices and ensure they are well-protected with passwords and time-out features. Companies should also prohibit unencrypted information from being stored on employee devices.
Mobile device management (MDM) software is the best way to deploy security standards across all devices in an organization and should be part of any mobile strategy. However, the bigger challenge is figuring out how to manage mobile devices owned by employees.
According to ZDNet, a survey by Tech Pro Research showed that bring-your-own-device (BYOD) was widespread, with 74 percent of organizations either already using it or planning to allow employees to bring their own devices to work. However, the expansion of BYOD across the insurance industry is concerning. Given the continued rise of BYOD in the industry, companies should craft a mobile strategy that includes a comprehensive BYOD policy — one that requires an MDM solution on personal and corporate devices so IT can remote-wipe any device that puts corporate data at risk.
External mobile risks
To stay competitive, most insurance companies now offer mobile apps for both customers and insurance agents. These apps streamline workflows for agents and vendors, such as speeding up the underwriting or claims process. They also allow insurers to gather data on their customers’ behavior patterns in order to deliver a more personalized and relevant experience that can increase customer retention rates or generate new revenue.
The challenge is that it’s not feasible or possible to manage external devices through MDM software. However, insurance agents working on behalf of their clients may have access to sensitive information or customers may unwittingly give away username and password information that makes the organization susceptible to fraud, putting the entire organization’s data and reputation at risk.
Therefore, a mobile strategy must also address concerns about mobile security on customer-facing mobile apps. The verification process can be improved by implementing mobile security solutions with traditional username and password authentication or biometrics combined with other identifying information, such as whether an access request is coming from a known location. These actions help safeguard both consumers and insurance companies against fraudulent access.
Develop a holistic mobile strategy
There is no magic pill for managing mobile devices. However, a holistic mobile strategy that addresses both internal and external threats is the best option for insurance companies to be able to better manage the inherent risk of mobility initiatives while still reaping its rewards.