By Ara C. Trembly
In the first article of this three-part series we examined the benefits of technology convergence for risk managers. In particular, we looked at the convergence of mobile technology, big data and cloud technology in terms of how it speeds operations for the enterprise and opens up new opportunities for the risk manager within the organization.
With every adoption of new technology, however, comes challenges and adjustments. In most cases, we can't simply pluck a technology off the shelf or out of the ether and expect it to work seamlessly in our constantly changing business environments and with our employees, often in far-flung locales.
The mere fact that a technology is new may be enough to scare some potential users. Nor is it unusual to see many who simply say that the way things are is good enough, or executives who balk at the costs of a new investment with an uncertain return.
Yet the benefits of big data, cloud technology and mobile technology are undeniable, and the outsourcing of data storage and technology that could potentially be based in the cloud is very cost effective and does not require the use of precious internal resources, said Chris Thorn, risk manager, corporate insurance, for Southwest Airlines Co.
But what particular challenges do we face as we seek to take advantage of these technologies for our own organizations, to better enable the tasks of risk management, and to give risk managers tools to create true value?
A recent RCRWireless/US online posting cited a survey by enterprise management software giant Software AG, noting that, "Big data, cloud, mobile, collaboration and business process management will be the top technologies over the coming 24 months. The survey also notes that adoption of these technologies is guiding the software market at an inflection point, significantly changing the way enterprises do business and accelerating their reaction to changing customer and market behavior."
Approximately 20 percent of the survey respondents pointed to big data management and collaborative work practices as important technologies, and 30 percent saw cloud and mobile applications driving new business, the posting noted.
How quickly these technologies are adopted, however, is a key question and a challenge. The RCRWireless/US piece quotes Software AG's Chief Technology Officer Wolfram Jost as saying that the real-time data, rapid scalability and fast decision making enabled by these technologies are of little use if companies still take months or years to implement business process change.
Big data and the need for cloud-based storage in particular has been the subject of many an analysis. Online resource SearchCloudProvider (SCP) said that, "Given the rigorous demands that big data places on networks, storage and servers, it's not surprising that some customers would outsource the hassle and expense to the cloud."
Even with an outsourcing strategy, however, challenges remain. SCP noted that supporting big data analysis in the cloud is forcing cloud technology providers to confront various architectural hurdles.
"The elasticity of the cloud makes it ideal for big data analytics -- the practice of rapidly crunching large volumes of unstructured data to identify patterns and improve business strategies -- according to several cloud providers" SCP said. "At the same time, the cloud's distributed nature can be problematic for big data analysis."
In the SCP article, Robert Jenkins, co-founder and chief technology officer of CloudSigma, a Zurich-based provider of technology infrastructure services, said, "The big problem with clouds is making the storage perform to a level that enables this kind of computing, and this would be the biggest reason why some people wouldn't use the cloud for big data processing."
The cloud storage challenges in big data analytics fall into two categories: capacity and performance, according to SCP. Scaling capacity, from a platform perspective, is something all cloud providers need to watch closely. In addition, storage performance in a highly virtualized, distributed cloud can also be "tricky," and the demands of big data analysis only magnify the issue, SCP noted.
The risk manager's point of view
Clearly, there are technological issues to be worked out for the converged technologies to deliver the benefits promised. But what types of challenges and risks will risk managers -- in particular, those managers who run the day-to-day operations within their sprawling, global companies -- face as convergence continues to progress?
According to Michael Liebowitz, director of insurance and risk management at New York University, big data projects may at times be "labor intensive," perhaps because the technology has yet to be perfected.
"Our software hasn't gotten to the point where it's human intelligence software," he said. As a result, information gathering must be done and human judgments need to be made before NYU starts crunching big data. "We talk to risk owners and document what they perceive risks are," he said. "Then we go to the big data to quantify and validate the risk. We would love it to be ahead of the curve, but it's just not there yet."
"Data security, data integrity and data accessibility are risks a company faces regardless of cloud storage or corporate-owned data storage options," said Southwest's Thorn. "A risk manager and the chief information officer must gain a clear understanding of the controls in place to protect sensitive data."
the matter of hardware
Another challenge addressed by risk managers and their companies is the emergence of bring-your-own-device (BYOD) as a policy -- or at least a debate -- within many organizations as devices become smaller, cheaper and more powerful.
More and more employees are seeking to bring their own mobile devices to work -- and to conduct business on them -- both in-house and elsewhere, and the headache of multiple platforms and tougher security as these devices connect to the corporate network becomes a daunting reality. What will the widespread push for the BYOD trend mean to risk managers and the companies they serve?
"One challenge of BYOD is that because of the availability of information, a risk manager needs to be able to filter out data that is less useful," said Ron Carlson, risk management information systems and process improvement manager for LDS Church Risk Management. "Also, the availability of information will increase the expectations on a risk manager to provide risk management services."
The solution, he said, is that risk managers must "improve our risk management processes in conjunction with the early adoption of these convergence tools and technologies."
In effect, risk managers are themselves becoming the guardians of the data that is most valuable to their companies. "Continuous end-user training helps every individual see himself as a 'data guardian,' " said Emily Cummins, director of tax and risk management for the National Rifle Association. "This remains fundamental, whether [the employee] is carrying a sheaf of papers in hand or accessing a virtual private network."
"BYOD is going to be more and more prevalent," Thorn said."The use of smart phones and tablets is the new reality. These devices should be used to access a secure website and not to actually store sensitive data. Prior to BYOD, companies faced the same risks with company-owned laptops that were off premises. Cloud-based systems are changing the way we use computers and mobile devices by having them serve as access points rather than containing the data on the hard drive.
"I believe we need to change the way a user accesses data sites," Thorn said. "Rather than entering a password, the user's face or fingerprint will be scanned and recognized. This or something similar will become the new standard."
Thorn also said that, rather than putting limits on devices that can be used, organizations could instead control what the user can see "based upon their need to know." This would enable the devices to be more secure and "offer more advantages than disadvantages."
Another obvious question is how the risk manager can circumvent the problem of static, or only slightly increased information technology budgets as it relates to adding new devices and/or capabilities for risk managers.
Bob Morrell, CEO of Riskonnect,a Marietta, Ga.-based provider of enterprise technology platforms for the risk management industry, said that risk managers will need to operate in many different technological environments in order to do their jobs well. Having that capability, he pointed out, drives up the cost to deliver solutions from corporate information technology departments.
It is a quandary that will ultimately force companies and risk managers to make technological choices with regard to hardware and service options. "There is no way to keep up with all the platforms, and I don't see IT coming to the rescue," said Morrell. "Risk managers must make key choices on technology and service providers."
ARA TREMBLY, the technology columnist for Risk & Insurance®, is founder of Ara Trembly, The Tech Consultant. He writes about insurance and technology and can be reached at email@example.com.
March 1, 2013
Copyright 2013© LRP Publications