For three years running, I have been presenting “Tech Challenges and Trends Facing the Modern Organization” at Applied Net alongside Applied Systems’ Jim Knecht and RedBird Security’s Nicholas Oliver, and cannot wait to be back this October. This session is an unscripted, open forum where the three of us share our expertise on topics and questions brought by attendees. As a preview of just some of what we might discuss, I have rounded up three key challenges agencies or brokerage’s will likely face over the next year.
Security “Layers”
These days, security is paramount. Every action must be seen through the lens of security. One perspective for approaching security for agencies and brokerages; think in terms of “layers”.
Layer 1: Authentication
How do you prove that you’re allowed to have access? In other words, how do you prove who you are?
Passwords have been around forever, but everyone knows that passwords have their own inherent issues. For example, being easy to guess, find, or steal. Two-factor, or multi-factor, authentication is a strong emerging trend — and one that is becoming normalized. It is one of the best ways to prove who you are.
Layer 2: Boundaries
Boundaries are related to routers or firewalls. All internet access goes thru a router and the smart ones (also called firewalls) can inspect and make decisions about the data passing thru. This smart device is the gateway between your internal network and the woes of the internet.
Layer 3: Content Filtering
Content filtering involves examining the data and making decisions. It could be a virus, or a web page that is blocked by policy. Another way to examine content is thru email. A policy can capture an email and route it thru an encryption system. Email encryption typically works one of two ways: (1) policy-based, which allows the system to examine the email and encrypt as needed based on the policy, or (2) on-demand, which uses a “plug-in” to Outlook and adds a “button” to the Outlook toolbar.
Layer 4: The People
Perhaps the most important layer is people. In a recent presentation, world-renowned security expert Frank Abagnale made this noteworthy statement: “I spend most of my time with breaches. I have worked every breach back to T.J.Maxx 15 years ago, and this is what I’ve learned. First of all, every single breach — every breach — occurs because somebody in that company did something they weren’t supposed to do or somebody in that company failed to do something they were supposed to do. Hackers do not cause breaches.”
What can we do about this weak link? I highly recommend “Security Awareness Training” for all employees. This training helps your agency or brokerage ensure that the end user is both aware and cautious and significantly contributing to your security profile. One of the best training programs is provided by KnowBe4, Inc.
Every single breach — every breach — occurs because somebody in that company did something they weren’t supposed to do or somebody in that company failed to do something they were supposed to do.
Layer 5: Compliance
The final layer of security is compliance. While New York was the first to impose strict security requirements, four other states have since followed with their own. The NAIC Model Law seeks to unify the cybersecurity framework for all states.
Cloud
We’ve been hearing the term “cloud” for more than 15 years, but the evolution of Applied Systems technology, coupled with Microsoft Office 365, presents a mature cloud pairing that gets at what most agency and brokerage staff teams need. A fully cloud-based solution that provides a work-from-anywhere experience that is highly secure and highly available.
Most agencies or brokerages had a Microsoft Exchange email server in-house. Now, Office 365-hosted Exchange provides a clear path to move that email system to the cloud. Most organizations also had an on-premise server or PC-based data in files and folders. The Office 365 OneDrive and SharePoint provide cloud alternatives to that site-based data. Applied Cloud provides service for over 100,000 users. See this great video for an overview of the offering:
Hardware
Another significant shift is away from Windows 7 PCs and Server 2008. This coming January 2020 will see the end of support for these widely used systems. Many agencies and brokerages are still running these systems and it’s coming down to the wire to get migrations completed.
In the age of portable devices that we live in, and with cloud offerings emerging as a dominating force, the landscape for user devices, or hardware, is significantly changing.
Many are choosing to use tablets and laptops for a work-from-anywhere experience. Once again, the options are more mature and we will see this enhance productivity and, potentially, work-life balance.