Insurance industry taking hesitant approach to cloud computing

May 24, 2012

Information governance and cloud security issues have left some companies concerned about their place in the cloud, according to the Financial Times.

Legal issues related to data security in the cloud continue to complicate decisions about migration. Issues range from industry specific regulations (such as HIPAA or similar laws for healthcare) to international statutes like the European Union Data Protection Directive.

Proprietary issues
Perceptions of risk have held back the embracing of cloud services for the Dublin International Insurance and Management Association (DIMA), according to the Financial Times.

DIMA represents Ireland-based insurers in policy forums and holds on to sensitive proprietary information about it constituants. The Financial Times reports that requirements of quarantining this competitive data - so that it cannot be accessed by rival companies - creates a logistical nightmare when discussing the cloud.

Risk management
Sarah Goddard, CEO of DIMA, told the Financial Times that she sees the benefits the cloud offers as a "way forward" to many companies. However, with a relatively short history of cloud data security to turn to - even with many studies finding equal or better data protection - the potential risk is still too great for her to chance DIMA's members' data.

Insurance companies make their living assessing risk. For DIMA, when it comes to cloud computing there is an additional variable to plug into the equation. Since it is hard to quantify, the reward is not seen as worth the risk to some.

"I haven't seen many insurance products covering cloud-based risk," Goddard told the Financial Times. "There are cyberliability products, but they are primarily concerned with hacking."

More data, more risk
With more data to be governed, it becomes harder to control. Gartner Research VP Debra Logan told IT Web South Africa that more information creates more risk, in turn creating more work to govern. This ends up with enterprises seeking to control data less and less.

Logan feels that governing information - especially when it moves into the arguably more fluid space of the cloud - is the only way to keep the amount of data from growing beyond control.

-McAfee Cloud Security