Tag Archives: pinterest

What Is the Killer App for Insurance?

Remember the must-read book Unleashing the Killer App: Digital Strategies for Market Dominance, by Larry Downes and Chunka Mui? I was lucky to get a signed copy at a Diamond Technology Partners event and hear them speak about the killer app. It was in 1998, the start of the e-business revolution, with the emergence of the Internet as a platform for a new business model. Every company was holding executive management strategy sessions discussing the book and brainstorming. In the insurance industry, many were putting up their first websites and beginning to think about e-business opportunities that could become their killer apps.

Many insurance companies failed in this effort. Their vision wasn’t big enough. Their desire to upend existing models wasn’t strong enough. Rather, they thought incrementally and cautiously. This resulted in strange hybrid solutions, such as websites with no integration to back-end systems. Requests were printed off and manually put into the systems. Many companies wasted time on vaporware — ideas that never got off the ground because of organizational angst or a lack of leadership.

The late 1990s were an exciting and painful time as we recalibrated our thinking toward an entirely new era of business. In spite of our efforts, we fell a lap or more behind in our race toward innovation.

But some companies succeeded. Think about Esurance and Homesite, startups that understood the opportunities and launched their businesses around this time. These companies exploited the dramatic changes introduced by the Internet and challenged one of the long-held business assumptions, that agents were required to sell and service insurance with direct-to-consumer models. As a result, they emerged as formidable, innovative companies.

Do established insurers have another chance to stay in the race?

Recently, I read the follow-up to the first book, this one titled, The New Killer Apps: How Large Companies Can Out-Innovate Start-ups, and another titled, Billion Dollar Lessons, both by Chunka Mui and Paul B. Carroll. Interestingly, the follow-up takes the view that decades- or century-long established companies can out-innovate today’s start-ups, many of whom are considered unicorns (pre-IPO tech start-ups with at least a $1 billion market value). These unicorns and other start-ups have emerged in the last few years with not only massive valuations but with real business models, real revenue and real customers — unlike in the first Internet boom. Think of Uber, Airbnb, Snapchat, SpaceX and Pinterest.

Even more compelling for insurance is the rapidly growing intensity of change being influenced by these companies. Consider Uber and the impact on auto insurance, Airbnb and homeowners insurance or Snapchat’s new payment options.

The authors are quick to point out what we should all recognize, that being big AND agile is essential in today’s rapidly changing world of converging technology innovations, including mobile, social media, sensors, cameras, cloud and emergent knowledge. They estimate that more than $36 trillion of stock-market value is up for “re-imagination” in the near future — meaning that either existing companies reimagine their business and claim the markets of the future or the alternative may happen and they may be reimagined out of existence!

When the authors compared successes and failures of established companies, they found that successful companies thought big, started small and learned fast. Failures commonly missed on one or all of these points. Is the insurance industry thinking big enough yet? Are companies innovating by starting small? And are they learning fast by experimenting, testing and learning from failures?

The only way insurers stand to catch up in a race where the trophy is not just success but also survival, is to out-innovate the competition, including the new competition from outside the industry looking to disrupt insurance. It’s possible, but it is going to require both wise technology investment and a whole new insurance business model mindset.

No Vaccine for Social Media Theft

Whether you are new to college, single and dating or newly divorced (because you panicked and confessed when news of the Ashley Madison hack hit the media), I’ll bet there is at least one socially transmitted disease you haven’t started worrying about: identity theft.

If you use Facebook, you’re making easy work for identity thieves. The same goes for the whole cosmos of social media whether you favor Twitter, Instagram, Reddit, Pinterest, YouTube or LinkedIn or prefer to Tumblr your thoughts, preferences and predilections to anyone who cares to know what they are. The more you put out there in publicly viewable spaces, the more your personal identity mosaic is exposed. An identity thief’s day job is piecing together that mosaic into a passable, or usable, version of you: one that will get through the authentication process of financial, medical or governmental organizations.

The echo of another kind of disease here is intentional. Like the more widely known kind of STD, the socially transmitted diseases that fall under the rubric of identity-related crimes are contracted by unsafe personal information practices. Unlike the more familiar variety, where safety is taught in high school, tacked to college community boards and heralded by countless other media new and old, not as many people these days know how to stay as safe as possible from the threat of identity theft, especially online.

How to practice “safe social”:

  1. Don’t overshare. It’s okay to let the world know you’re on vacation so long as you have a great security system at home or you have a house sitter. Traditional trespassers use social media to know when houses are unguarded. It is far better to share the memory than report the experience as it’s unfolding.
  2. Be careful when posting pictures. While it’s fun to brag about a purchase—whether that be a diamond ring, a car or the smartest TV on the market, just be aware that anyone following you now knows where they can get your newest trophy or indulgence for free.
  3. Geotagging is for victims. There is no upside for you here. Companies like geotagging photos and other people-powered media assets because it gives them bankable information that could lead to future sales. Whether you are letting Twitter or Facebook or FourSquare narrowcast (or broadcast, depending on your privacy settings) your location, failure to disable location services on your device permits geotagging, which also gives thieves bankable info that could lead to future crimes.
  4. Know your privacy settings. Make sure you understand how your posts are being displayed or distributed by the social network you use. For instance, on Facebook you can set a post to “Public” or “Only Me,” with many choices in between.
  5. Lying is good. Facebook, especially, is a perfectly acceptable place to not be forthcoming about your age, hometown, place of employment or even the college you attended and what years you were there. Identity thieves comb social sites for information to complete dossiers of personally identifiable information that will allow them to correctly answer security questions and thus open new financial accounts or empty existing ones. If you don’t want to actively fabricate answers to these questions, just don’t fill out those parts of your profile.
  6. Beware of quizzes that require personally identifiable information. Make no mistake, your email address and name count.

There is no immunization

Unlike the other kind of STD, the socially transmitted disease of identity theft is not avoidable. There is no immunization, no safe way to avoid it—not even complete abstinence. There have been too many breaches with too much data for anyone but those living entirely off the grid to be completely safe. (And even still you can’t be sure.)

Your best bet, in my opinion, is a system detailed in my book (forthcoming in November). A key element to that approach is acceptance. Specifically, you need to come to terms with the fact that it’s no longer a question of “if” but “when” you will become a victim of at least one type, if not multiple types, of identity theft. Anyone who tells you that they can keep you from getting got is selling snake oil. In fact, they are running afoul of the Federal Trade Commission. There is no guarantee. There are, however, best practices.

THE THREE M’S

If you accept the basic premise that you are at risk for identity theft no matter what you do, here are some thoughts as to how you might stay as safe as possible. The good news may actually be that you are a seasoned and intelligent user of social media, because that means you already have several of the habits in place that you will need.

Minimize your exposure

The same strategies you can adopt to make yourself a harder-to-hit target on social media go for the rest of your life. Whether that means saying “no” when asked for your Social Security number, limiting the amount of sensitive personal information you provide to anyone who contacts you, making sure all your accounts (email, social networking, financial or retail) have different user names paired with unique, long and strong passwords, properly securing your computers and mobile devices or freezing your credit—there are a variety of things you can do to make your attackable surface smaller.

Monitor your accounts

If you use social media regularly, you are used to checking in on a regular basis—the Pew Research Center found that 70% of Facebook users check in daily, as did about half of Instagram users, and nearly 40% of Tweeps. The same behavior, applied to your financial life, may keep you from getting got … or help you undo or minimize the damage in case you do. Check your bank and credit card accounts daily. Other things you can do include signing up for free transactional monitoring alerts at your bank, credit union or credit card provider, or purchasing more sophisticated credit and noncredit monitoring programs.

Manage the damage

When the dark day comes that your daily practice of monitoring your credit or financial life yields a compromise, you need to get on it immediately by informing the institution of the account that is involved, as well as law enforcement and the fraud department of at least one credit reporting agency. Because many insurance companies, a number of financial services organizations and the human resources departments at a number of companies offer complimentary or low-cost identity theft assistance as a perk of your relationship with the institution, check to see if you are covered or, if not, how you can get covered. Resolution experts can greatly help you speed your way back to normalcy.

Identity theft is a permanent threat. The best way to stay safe is to change your behavior. The above tips are only some of the ways to do that. In the age of universal data vulnerability, practicing safe information hygiene is a must—lest you contract the one STD that may haunt you for the rest of your life.

Can Employers Ever Monitor Employees' Personal Social Media?

Yes, but be careful! There is no denying that the use of social media sites such as Facebook, Twitter and LinkedIn has exploded. The explosion includes both personal and business use of social media. It also includes use that is beneficial to employers and use that can be very damaging. Unfortunately, the influx of employment lawsuits that have followed the explosion have had limited practical value in guiding employees and employers on the permissible use and oversight of social media in the workplace. While many questions remain, the California State Legislature's recent enactment regulating employer use of social media does provide some guidance.

California Labor Code section 980 was enacted to prevent employers from (1) requesting an employee disclose usernames or passwords for personal social media accounts; (2) requiring an employee to access his or her personal social media in the presence of the employer; or (3) requiring an employee to divulge any personal social media to the employer. Applicants are protected in the same way as employees. The new statute, coupled with existing privacy laws, limits what employers may monitor when it comes to the personal social media of employees and applicants.

Definition Of Social Media
In what appears to be an effort to account for the ever increasing development of new social media, the new statute broadly defines social media as an “electronic service or account, or electronic content, including, but not limited to, videos, still photographs, blogs, video blogs, podcasts, instant and text messages, e-mail, online services or accounts, or internet web site profiles or locations.”

Prohibitions On Employers Monitoring Social Media
Employers may not require, or even request, that an employee or applicant:

  • Disclose a username or password for the purpose of gaining access to the employee or applicant's personal social media;
  • Access their personal social media in the employer's presence; or
  • Divulge any personal social media.

Employers are also prohibited from retaliating or threatening to retaliate against an employee or applicant who refuses to comply with a request or demand that violates the statute.

Despite the statute's broad definition of social media and its restrictive prohibitions on employers, it does provide some exceptions under which employers may request and gain access to employees' personal social media. For each exception, however, pitfalls exist. Employers need to know them in order to avoid costly mistakes.

Accessing Social Media As Part Of An Investigation
The statute does not affect an employer's existing rights to obtain personal social media “reasonably believed to be relevant” to an investigation of employee misconduct. Under this exception, the employer may only access the employee's personal social media under the condition that it is used strictly for purposes of the investigation or a related proceeding. While the statute does not define what “reasonably believed to be relevant” means, California Courts evaluate employee privacy concerns utilizing a balancing test, weighing the employee's reasonable expectation of privacy against the employer's legitimate business needs for accessing the information. It is wise for employers to evaluate each instance carefully before requesting an employee to divulge his or her personal social media under this exception.

Employer-Issued Electronic Devices
The statute does not preclude an employer from requiring an employee to disclose a username and password for the purpose of accessing an employer-issued electronic device such as a computer, smartphone or e-mail account. Employers should exercise caution, however, before digging through an employee's use of personal social media on the employer-issued device.

It is a violation of the federal Stored Communications Act to access a restricted or password protected site without the owner's consent. So, while it is permissible for an employer to require an employee to provide his or her password for access to the employer-issued device, an employer may be violating the law by accessing social media information on the device. For instance, having the IT department look up the employee's Facebook password stored on the employer-issued device in order to gain access the employee's personal Facebook page.

Adverse Action Against Employees
The statute does not prohibit an employer from terminating or taking adverse action against an employee or applicant if otherwise permitted by law. For instance, an employer may discipline an employee for violating company policy and using personal social media during work time. Nor does the statute specifically prohibit employers from accessing publicly available social media. This means that employers may view the personal social media of its employees that is available to the general public on the internet, such as blogs and other websites that do not restrict user access.

But, before taking any adverse action against an employee based upon the content of his or her personal social media, employers must keep in mind that California law prohibits employers from discriminating against an employee based upon the employee's lawful conduct occurring away from the employer's premises during non-work hours. Moreover, the National Labor Relations Board has held that employees may use social media to voice concerns over working conditions. While an employee complaining about working conditions or an issue with a manager on his or her Facebook page may reflect negatively upon the organization, the employee's use of social media to criticize working conditions may qualify as protected speech for which an employee cannot be lawfully disciplined.

What Is An Employer To Do?
First, be patient. The law develops at a snail's pace compared to the development of new technology and cultural trends. More guidance will come. In the meantime, employers should approach social media issues with careful consideration and planning. This should start with the development of a written social media policy, and not a sample or template policy. The policy needs to be specifically tailored to the employer and should discusses the importance of social media, the impact that social media has on the workplace, and how employee's use of social media reflects upon the organization. The policy should also define the permitted use of technology owned by the organization and employee's expectations of privacy or lack thereof.

If an employer elects to have a policy restricting personal social media use during work hours, it should ensure that the policy is applied even-handedly to avoid claims of discrimination. Employers should also consider the pros, cons and legal issues that relate to restrictions on supervisors' social media interaction with subordinates. For most organizations, it would be advisable to inform employees that they are not required to interact with supervisors on personal social media and will not be retaliated against for refusing to interact with supervisors.

A carefully planned and well written social media policy that outlines the organization's goals and expectations of employees' use of personal social media can help ensure compliance with the new rules and prevent costly disputes with employees.