Why data hoarding can leave you more vulnerable to cyberattacks

It is time to let go…

Why data hoarding can leave you more vulnerable to cyberattacks


By David Saric

According to Michael Erlandson (pictured), VP of industry solutions at Vertafore, data hoarding can give threat actors more information to potentially hold a business to ransom.

“It’s extremely important to be cognizant of how you’re storing this data and that it’s not just being haphazardly handled or put away in different areas a threat actor can take advantage of,” he said.

“The more bait you give them, the more the cyber criminal can take advantage of, especially if that information is client-based, as it puts third parties in jeopardy.”

Alongside the increased impact of potential cyberattacks, data hoarding can also impact an insurance company’s administrative and business practices.

“If you do not have standardized flows throughout your organization, it’s extremely difficult to be able to track down those documents and send it over to the appropriate parties in a much easier fashion,” Erlandson said.

“You’re creating a lot of potential E&O issues if you don’t put that information in correctly, especially if you have to reuse that information at a later time or someone else in the agency needs access to it.”

In an interview with Insurance Business, Erlandson spoke about why the psychology of hoarding data needs to be broken, best practices to get rid of or store information, and why the insurance supply chain needs to be more functionally aligned.

Conditioning the brain to think of data differently

Erlandson recognized that the general inclination for an insurance professional is to make sure the customer is completely taken care.

“Agents and carriers love to keep information about their clients because they want to make sure they have the whole story if they were ever subpoenaed,” he said. “It comes from a place of utmost care.”

However, at some point, there is a point where all that data becomes redundant or unnecessary, especially as a client’s life and insurance needs progress.

It can be difficult to establish when that becomes a reality.

“When we, at Vertafore, help a client switch over their systems, we always have clients worrying about whether their information can be successfully transferred over without error,” Erlandson said.

He argued that there needs a more proactive effort to try and condition the brain to focus on the important things and abandon the data that will only cause confusion or business disruption if it makes accessing other files more difficult.

Sometimes, it takes a data management specialist to come in as a third party and impart that information to make the message clearer.

“These professionals will follow best practices to shed light on how an insurance company doesn’t need to hold on to data forever,” Erlandson said.

“It’s important to find a technology partner that really understands data and can create those standardized processes to recognize what’s important.”

Ultimately, being able to remove duplicate entries is a crucial outcome of data purges because it streamlines inconsistencies internally and increases efficiency.

“You want to make sure you’re using data for the right reasons so that leaders and managers are able to make sound decisions on their business,” Erlandson added.

“Streamlining data transfer and usage is still a problem”

While individualized data purging and prioritization is important, Erlandson noted how the insurance industry distribution channel is still lagging when it comes to standardized business processes.

“Streamlining data transfer and usage is still a problem across the industry,” he said.

While ACORD Data Standards has helped streamline business interactions between insurers, brokerages and MGAs, there is still more that can be done.

Getting rid of data hoarding tendencies can help make communication more productive since information can be accessed with greater ease and speed.

“I think that empowers agents to put the data in correctly, so they see how it’s helping them in their day-to-day duties,” Erlandson added.

Furthermore, building better hygiene around data storage and transfer can also build better habits for all parties involved.

“You want to make sure that you’re working with people that understand the risks, security and that have the technology that ensures you’re moving information across the distribution without creating any vulnerabilities for threat actors,” Erlandson said.

Keep up with the latest news and events

Join our mailing list, it’s free!