Automated Cloud Backup for the Insurance Industry

Insurance companies require assured backup and recovery solutions for critical business data in systems such as Office 365, Hosted Exchange, Open-Xchange, G Suite Gmail, IMAP/POP3 now more than ever. This is because of the extremely sensitive nature of the data insurance firms typically handle, coupled with the ever increasing pressure from cyber threats and other data disasters.

The risk of exposing or losing data such as; social security numbers, names, addresses, phone and driver’s license numbers and more can best be handled by using an assured backup solution that protects, preserves and if necessary restores data.

Niche insurance companies, such as healthcare insurers, face the added complexity of maintaining HIPAA data confidentiality and adhering to strict security regulations, which adds even more risk to the equation.

And because insurance companies must share data with vendors, third party agents, members, providers and more, the risks to data has also rapidly expanded. Malware, cyber threats, accidental or malicious data deletion and systems failures across diverse data and partners mean protecting and preserving data has become much harder.

This is why Dropsuite engineered from the ground up a cloud insurance company data backup, archiving and restore solution that protects email communications data while also meeting regulatory compliance needs.

Based on the 2017 Cyber Healthcare & Life Sciences Survey by KPMG, providers and health plans found a dramatic rise in computer system breaches and data compromises, which include patient records, over the past two years. The insurance company as a whole has grave threats to data security and privacy and more work must be done by these firms to protect data.

Highlights from the survey include:

1. 47% of healthcare providers and health plans said they had instances of security-related HIPAA violations or cyber-attacks that compromised data
2. Only 35% said they are “completely ready” to defend against concerted cyber attacks
3. 79% reported cyber security was a board agenda item
4. 63% of healthcare providers and insurers said sharing data with third parties is seen as one of the biggest vulnerabilities

These statistics point to the fact that it’s almost impossible to employ a 100% reliable anti cyber threat and data protection process, there are just too many possibilities for data to be compromised.

And according to a recent Cyber Security Study by Chubb Limited, the financial damages of cyber crime are projected to reach $6 trillion annually by 2021, more than double those same figures from 2015.

The only way to assure insurance company data protection is with a comprehensive data backup and restore solution that enables data preservation while providing the ability to perform an almost instant restore when a data disaster happens.

The risk of exposing or losing corporate or consumer data in the insurance sector is real and growing, and includes common information such as:

• Age
• Social security numbers
• Names, addresses and phone numbers
• Driver’s license numbers
• Marital status
• Race

Lifestyle, attitudes and behaviors such as:

• Medical history
• Credit scores
• Financial problems
• Online usage
• Driving history

As well as more granular insurance processing and coverage data such as:

• Underwriting
• Ratings
• Pricing
• Forms
• Claims handling

To safeguard this valuable data, the insurance industry needs an assured backup solution that protects, preserves and if necessary restores data.

Dropsuite provides state of the art email communications backup and archiving solutions to help insurance companies keep data safe, secure and protected. Our engineers built a cloud-based solution from the ground up to efficiently and securely backup, store, preserve and if necessary easily restore data at a moment’s notice.

Dropsuite provides easy-to-use, secure, and scalable email backup and recovery tools insurance companies can use to easily automate backups of data multiple times per day, no matter where across the globe the data may be stored.

Even better, our industry leading backup and archiving solutions meet most government, industry, and IT regulations such as:

• FINRA
• HIPAA
• GDPR
• SOC 1, 2 and 3
• FISMA, DIACAP and FedRAMP
• DOD CSM Levels 1-5
• PCI DSS Level 1
• SO9001 / ISO27001
• ITAR
• FIPS 140-2
• NIST (coming Q1 2019)

Increasing risks to insurance company data can come from:

• Accidental or malicious deletion by employees
• Ransomware and cyber attacks
• Third party data security failures
• Server or hard drive failures
• Lost data from unsecure BYOD devices

With insurance companies, lost data doesn’t just impact operations, it can cause PR and Brand headaches and financial disasters that compromise the fiscal health of the firm. Lost, stolen or corrupted data is simply a disaster no insurance company can afford to risk.

Dropsuite provides email data protection with a cloud backup and recovery solution for insurance company data with a very low cost-per-seat license, coupled with the highest level of encryption to ensure data is secure both in transit and at rest.

Accidental Data Deletion: One of the most common of use cases when it comes to lost data is an employee or other authorized person accidentally deleting data. Typically, with systems like Office 365 there is a window of opportunity to pull files out of the recycle bin. However, there are limits to how long data is kept in the recycle bin. If the discovery of lost data comes too late, the data is gone, permanently.

With Dropsuite, you can recover any email on demand — at multiple points in time. Insurance customers have full “recovery assurance” for all emails, attachments, calendar and tasks — which eliminates the risk of losing critical business data. Dropsuite safeguards your data, allowing you to focus on your business.

GDPR Data Request: For multi-national or EU-based insurance companies, and even those firms who only collect an EU visitor’s data – managing GDPR data requests can be a headache. In Office 365 there are multiple applications that can share, store or record user data. Searching, collecting and as necessary taking actions on data in these systems for specific customer or visitor information requests can be a major headache. Where to begin?

Using Dropsuite GDPR Responder, insurance firms can easily search, tag, take action and report on GDPR data requests easily and quickly. This simplifies the time, resources and energy required to maintain compliance with GDPR regulations. By reducing the risk of exposure to GDPR penalties for non-compliance insurance companies can better protect their business, and their customers.

Regulatory Compliance: Arguably one of the most heavily regulated industries is the insurance industry. Because of the highly sensitive nature of customer and partner data stored, insurance companies must comply with a broad array of state and Federal regulatory requirements. HIPAA heavily impacts health insurance firms, and FINRA and GDPR can impact insurance firms as well, just to name a few.

Dropsuite provides a comprehensive and robust Email Archiving solution specifically designed with regulatory compliance in mind. With Dropsuite Email Archiving you can; conduct advanced search with over 20 parameters, customize retention policy and legal hold, use journaling and eDiscovery for data preservation, easily create audit logs and set up a review process very quickly – among many other capabilities.

Increasing numbers and sophistication of cyberattacks on insurance firms has become the new norm. But it’s not a fait accompli that insurance companies must become victims of the next WannaCry ransomware or NotPetya cyber attacks.

4 Ways to Decrease Cyber Threats:

1. Look at security holistically. Data security is more than simply employing encryption techniques; security is threat mitigation training, simulated breach testing, deploying anti-spam tools, and of course, backing up your data.
2. Identify and safeguard key assets including hardware, software, operations facilities and more, and lock down access. Cyberattacks can come from anywhere — and they come in many forms. Never let your guard down.
3. Talk to your suppliers and vendors. Are you or any of your suppliers or vendors doing business with companies or customers located in the European Union? If so, you’ll need to ensure that they are taking security and compliance seriously. Ask if they are GDPR compliant. Do they use the latest security protection? Are they backing up and transferring data safely? Remember, you’re only as strong as your weakest link — so make sure your business partners take security as seriously as you do.
4. Follow data archiving regulations. For example, here are two government regulations that impact the handling of insurance company data:
   • HIPAA – Requires firms in the United States doing business with Personal Health Information (PHI) to provide confirmation of compliance with standards and regulations relative to data security, including complying with storing data only as long as it is necessary and destroying data at specified intervals.
   • GDPR – Requires firms to comply with requests for data evaluations from EU persons. In addition, if requested firms must destroy data ala the “Right to Be Forgotten” rule, along with other stipulations for making the data readable and quickly available.