Tag Archives: Internet of Everything

Who Will Make the IoT Safe?

After reading about the “distributed denial of service” (DDOS) attack that shut down major sites across the internet in late October, it is amazing to me that, conceptually, my refrigerator could be used by evildoers to attack servers in the cloud. I miss the old birdcage refrigerator that we had in our basement.. but I sure like looking on the internet to see just how old the milk is when I am in the grocery store.

To my knowledge, this is the first such attack using internet-connected devices, or the Internet of Things (IoT).

One weakness to the Internet of Things is that (as we have attached more of our home devices to the internet), there was no one overriding body responsible for creating a minimum security level to limit access by the wrong people to our microwave ovens.

But if such a body is created, then it could be more difficult for small and creative companies to make anything. Another problem with a central body creating security levels is that it really would only increase manufacturing costs. And, knowing oversight bodies, I’m sure we would then be using outdated technology in all of the devices, without really making anything secure, My internet espresso maker could then cost $1,200 instead of $1,000 and still would make bad cappuccinos when I went on my phone from by bedroom and turned it on.

See also: Insurance and the Internet of Things  

Finance companies such as banks and credit card companies, medical organizations, the phone companies and computer companies have significant financial incentives to create secure devices. Yet they have had significant problems keeping their information and systems secure from the internet mischief makers.

(A quick digression: The U.S. government severely punishes private companies when there is a breach. Not only did their data go away, not only did their sales drop because of a reputation problem, not only did their customers sue them, but then, as a cherry on top, rather than helping the victim of the data breach the government fines them. Yes, I know the company should have been more diligent with the data, but…. Note that a hack of the IRS hack has cost the U.S. government more than $30 million in payments on fraudulent tax returns, and the IRS has yet to fine itself for the breach.)

Most of the people I know who have spent any time thinking about about purchasing self-driving automobiles have said they worry that hackers could take over their car (their underlying concern seems to be that it will then be driven into the San Francisco Bay, where they could not open the doors or roll down the windows to get out). There is (and should be) far more concern over the loss of control of a car than loss of control of a pizza oven, but to me it is all really part of the same problem.

So my first question was: “Is there a locus or specific place where we can plug in some type of security to help stop the mischief?”

Looking for insight, I charged down to Best Buy and asked one of the Geek Squad folks if there was such a place or way to limit outside access or control to my internet-connected electronic toothbrush? (I did come out of Best Buy with a brand new, three-year software internet security program for my new computer for only $49.95, discounted to $9.95 because I was going to look at the possibility of purchasing an internet-connected pet feeder)

The Geek Squad person said that the best opportunity for such security is the routers in homes, but, no, there is no Ronco device ($19.99 and… if you call in the next two minutes… you can have TWO Ronco internet security devices. He also said that, fortunately, my floss is still not internet-connected, so I would not have to worry about one of my teeth being yanked out by an evildoer from Nigeria who was trying to get that pesky $25 million out of the country….)

So here are some follow-up questions:

  1. Should there be an oversight body for all devices that will be responsible for creating a minimum standard for security for all of the internet-connected heating systems in the world? (The NSA will still want back-door access to all of the data from your garage opener.) If there is an oversight body, and it creates a minimum security program or level, will it be enough to keep the evildoers out of my kitchen? (I think not.)
  2. Who will go on Shark Tank with the next device (Ronco??) to help create some sort of security for all of the devices in your home? This seems like a great opportunity for someone.
  3. Perhaps it is the cable operators (those who supply the infrastructure of the connections) who should be held responsible for identifying viruses as they go across the cables and stop them. (That is where the NSA gets all of its data, anyway.)
  4. Will I ever be able to look at my internet Ronco coffee maker the same way and not wonder if it is actually a drone for a hacker in Uzbekistan? Will the hackers burn my pizza for me instead of me burning it? Or, worse, will they undercook things? Will a hacker drive my car (in two years, Uber’s car) off the Golden Gate Bridge? (And will I actually be in the car when he does?)
  5. Will the evildoers now open my garage door and take my Xmas stuff i have on the back wall? (There is really a serious question of personal security that will get larger as the bad guys find out how to easily get into businesses and buildings.)
  6. Will the government take over my sprinkler systems and stop me from wasting water? (In California, this is a serious issue, and the underlying question of how much will or can the federal state and local government eventually do with the Internet of Everything will be an interesting battleground for the next 15 years.)
  7. Who has the data, and where are all of the devices? Information is king (and queen) nowadays, and knowing where the devices are will allow the evildoers to attack the weakest links. I bet they first hacked the companies who sell the devices to find out where they are. (Should you sign up for a warranty if that information will result in telling the mischief makers where you are and how you are connected?)
  8. Just how safe is the cloud? The attack in October was a distributed denial of service attack, but can the evildoers use my internet-connected fireplace to hack the cloud?
  9. Will all of these security problems have anything to do with privacy issues? What if the miscreants leak my information to Wikileaks about the fact that I have peanut butter in the refrigerator?

As the saying goes: Inquiring minds want to know.

There is an amazing amount of mischief that can be created if we do not have secure devices.

See also: How the ‘Internet of Things’ Affects Strategic Planning  

Think about it… and perhaps unplug your internet-connected litter robot until you know it will only be used by your cat for its original purpose.

E-Signatures: an Easy Tech Win

While industry analysts and thought leaders speculate on the adoption and impact of telematics, driverless cars and the Internet of Things on insurance, it is worth revisiting how we are doing with more mainstream technologies. Electronic signatures and e-apps have been around for years, yet paper-based applications remain the norm. A survey of 113 insurance professionals conducted late in 2014 by e-SignLive and PC360 revealed only 33% of respondents are using e-signatures.

Because insurance is a regulated industry, “paper” work is inevitably at the heart of all we do. For that reason, any effort to digitize the business of insurance needs to start by eliminating paper and manual signatures. From there, digital records and the data they contain can flow seamlessly through distribution, policy administration, ratings, billing, claims and other core systems. Digital insurance is not a theoretical, utopian concept. It is not only possible – it is being done with great success.

E-signatures are a relatively quick and easy technology to add to your existing core systems and workflows. Yes, it is possible to get started overnight, but don’t let the minimal investment of time and money fool you – the impact of going digital is significant for everyone involved.

BENEFITS FOR CARRIERS

Full Visibility

Digital transactions have unique advantages over paper. When your business mails out a paper package for a customer to sign, you have no control once the documents leave your hands. Similarly, if your business takes place through the agent channel, you have little control over the process. Were the proper procedures followed at every stage of the process?

The blind spot that exists with paper is eliminated online. Insurance companies gain real-time visibility into what is taking place at the time of signing. Overnight, you can monitor the status of in-progress transactions, track drop-offs and transactions about to expire and analyze trends in customer behavior.

NIGO Rates Bottom Out

In the digital world, customers go online, get quotes, choose coverage and complete an application through the channels and devices of their choice. They enter application data electronically, and workflow rules are enforced to ensure an error-free application.

Overnight, this eliminates the average 60% Not-in-Good-Order (NIGO) rate that occurs with paper-based new business applications. It saves the industry hundreds of millions of dollars, in hours that no longer have to be spent fixing documents. This is significant, considering that an error-free digital process costs a third to a fourth of what a process with errors costs.

Easily Demonstrated Compliance

Once your new business applications become completely digital, compliance teams will be one of the biggest winners. By automating, they gain the ability to:

  • Capture digital audit trails, including an active audit trail that allows you to replay any transaction exactly as the customer experienced it;
  • Minimize exposure to risk because of misplaced or lost documentation;
  • Make the process of demonstrating compliance less resource- and time-intensive.

Online transactions with strong audit trails provide a record of every action taken by customers. You know when they signed, how they signed, how much time they spent reading each page, what IP address they transacted from. Plus, audit trail data can be extracted for analytics purposes and even greater insight into your business.

Once your company has gone digital, you no longer spend weeks preparing for audits and market conduct exams, identifying paper files or getting them out of storage. How would your VP of compliance react if you told her that you could quickly pull any signed record from a database of millions of documents, guarantee it is in good order and replay the entire transaction to prove that your company followed all regulatory rules?

Virtually All Legal Disputes Defused

When carriers think about going digital, many have concerns over legal risk. Fortunately, the legal framework has been in place since 2000. Case law has shown that if the process is clear to the signer, and signer intent is properly established, the courts will accept e-signatures and e-records as evidence.

A top auto insurer can attest to the fact that e-signatures decrease the risk of legal disputes compared with paper signing. This carrier has been capturing customers’ signatures electronically for the last 10 years and has only seen one case involving e-signed records go to court – despite more than one million customer inquiries.

Costs Cut

Keeping transactions digital helps your bottom line. Gartner Research reported on a large carrier’s digital process, noting, “E-signatures saved $10 per transaction, with the potential of annual recurring savings of millions of dollars. This includes costs for mailing, postage, paper handling and processing.” There were 275 million life insurance policies in force in the U.S. in 2013. Multiply that by $10, and the potential industry-wide savings climb into the billions.

Immediacy

Across all channels, closing the deal when the customer is ready and engaged is critical. By offering e-signature capability on its website, one global insurer is able to convert visitors immediately and avoid dropoff rates that occur when the process falls to paper.

This is as advantageous for new business and renewals as it is for claims. Clearly, the immediacy of submitting a signed claim from a smartphone on the spot is a differentiator. For the customer, that means faster resolution in moments of stress – ultimately improving satisfaction and increasing retention.

BENEFITS FOR CUSTOMERS

Customers want convenience and speed and a company that is easy to do business with. McKinsey recently confirmed that, “more than 80% of insurance customers began their shopping process using direct channels. Online is increasingly the initial channel of choice even among customers who value the agent relationship.”

Clearly, expediting the process of buying insurance is important across all channels. Someone who starts insurance shopping on Google Compare may very well still appreciate having an informed agent talk him through the policy options, but not if that means dropping back to an antiquated, paper-ridden, offline process.

Keeping the transaction digital just makes it so much easier to purchase, renew or modify a policy. Carriers repeatedly find that e-signatures help lower NIGO rates, increase customer loyalty and boost referrals. In fact, one insurer experienced a 14% higher retention rate with customers who e-signed their new business policy.

BENEFITS FOR AGENTS

Both captive and independent agents spend too much time on administrative work. Insurance Journal reported that, “Only about one-third of producers spend more than half their time selling […] Instead, they are spending more time than they think they should on administration and client service.”

Even when using a modern agency management system or e-app, productivity is lost when you have to print to paper for signatures. Those applications must then be photocopied, shipped, faxed, chased down, corrected, scanned and archived. All of this creates a huge time and productivity drain. The good news is, e-signatures save as much as 90% of the time and cost of administrative labor.

mod

GOING DIGITAL MAKES SENSE FOR INSURANCE

Clearly, the insurance industry is moving down the path to digital. However, the pace of change is accelerating, and carriers and producers that don’t offer a fully digital process online and on mobile devices will be left behind. Analyst firm Novarica sums it up best: “The time for insurance carriers to take concerted action with an e-signature strategy is, in Novarica’s view, now. The technology, legal framework and customer expectations have all reached a point where carriers need to proceed in order to compete.”