Major insurers with multiple, disparate and old legacy systems spend a great deal of time ensuring new digital insurance platforms are secure and compliant. Especially when they introduce -
- Customer self-service
- Customer-employee-supplier communications
- Orchestration all parties in the value chain
Yet they often overlook the vulnerabilities in their legacy systems- those proxy servers are a good example.
Modern, agile platforms are usually more secure than these ageing core systems of record. Hosted for example on AWS and adhering to the strongest security inherent in such scalable and global infrastructures.
However, having documented plans and procedures in place is only one element of a resilience framework, and firms must ensure also that their personnel understand them and have been appropriately trained in how to implement them. While the increased use of technology can lead to vulnerabilities if it is not properly implemented, maintained and managed, it is also the case that firms are looking to technology to provide solutions and facilitate resilience. For example, third party cloud solutions may provide a more modern, secure and resilient infrastructure than a firm’s own legacy IT systems, as long as any risks of outsourcing are understood and managed.
https://www.jdsupra.com/legalnews/uk-operational-resilience-a-pra-32504/
unknownx500
