Small Is Beautiful

Any business — even the smallest family-based business — should protect itself as though it was a large company. Insurance brokerages are no different. Unfortunately, most of them don’t.This is especially true when it comes to technology.

Large insurance companies require IT systems to feature a high level of complexity. These companies are involved in the entire process of defining risk, determining insurance rates, claims management and managing investments as part of a heavily regulated industry. This means compliance is both mandatory and key to their success.

In contrast, many small, independently-owned brokerages, which exist in almost every town in Canada, are still immersed in paper-based processes. This is probably because this is how they have always done it. But the end result is a huge potential for security lapses and catastrophic data loss.

SMALLER BROKERAGE IT SYSTEMS

The processes associated with IT systems in smaller brokerages can be inefficient, resulting in frustration for employees and customers alike. Another common problem is that when brokerages grow through mergers and acquisitions, they often take over little pockets and islands of technology that differ (sometimes radically) from what is used at head office. Getting disparate systems to work together in a cohesive, efficient IT environment, with the appropriate levels of security, is a big problem in any industry. It can easily wind up as a management headache for the broker.

For example, the servers and data are at head office, but the branch office locations must have fast, simple and reliable access to those systems and all of that information. The business depends on it. When information traverses the Internet, security and compliance concerns have to be addressed. Let’s say an insurance brokerage grows through the mergers and acquisitions route, without having the necessary technology and security in place. Well, the whole business can be compromised. It’s no stretch to fathom what could happen if the wrong people get hold of such information. Here is an example.

Small brokerages may accept credit card payments from their clients. When they submit a batch of transactions to the bank without that information being encrypted and protected, those credit card numbers could be easily captured by anyone — and this happens. In fact, it happens more often than you think (in any industry), but most of the time we just don’t hear about it.

Many brokerages have failed to invest in the appropriate technology necessary to protect their systems and data from all the risks that are inherent in the high-tech world. This is the high-tech world we all do business in every day.

How do you resolve this? A one-hour assessment by a reputable IT provider will identify areas of concern throughout your environment. This can be done by means of a conversation, observation or a survey with some very simple questions. For instance, do you have antivirus and anti-spyware software? Do you have your entire IT environment backed up correctly? Do you have an appropriate and tested disaster recovery plan in place? Do you have a business-class fire-wall properly configured to ensure the security of your Internet connections? Do you allow people to work from home or other locations outside the office? If so, do you have simple methods for them to do so with adequate encryption of data and meaningful password protection? If the answer to any of these questions is no, you may have a problem.

Many people and organizations are under-insured and not protecting themselves appropriately from these risks. Similarly, smaller insurance brokerages are not protecting themselves appropriately when it comes to their IT practices. However, when selecting an outside IT provider, it is wise to exercise caution. The last thing you want from an IT consultant is to be oversold and under-serviced. Unfortunately, this sort of thing is endemic in the IT industry. You should ask any IT provider how they have used technology to solve a business problem in your industry.

CASE STUDY: ZEHR INSURANCE

Zehr Insurance, a general insurance broker based in New Hamburg, Ontario, is a family business that grew by word of mouth and by acquiring other brokerages. The head office has remained in New Hamburg. However, the expansion has involved multiple office locations requiring a connection to head office.

Several years ago, Zehr Insurance wanted to upgrade its IT infrastructure from a Microsoft NT server — including the network and an array of branch-office, modem communications systems — to a more current, supportable environment. A decision was made to have an IT firm upgrade the Zehr Insurance systems to the latest Microsoft Windows Server version. This would facilitate branch office access to corporate applications, and enable more timely and efficient communications with the new email system. The idea was to have all this work conducted during off-hours, evenings and weekends, resulting in minimal disruption to the business.

The conversion took place and a nightmare ensued. System downtime occurred so frequently that it seemed the system was down more often than it was up. Saying this had an impact on client service is an understatement. As a firm with multiple locations connected remotely to head office, Zehr Insurance had already spent months, and a lot of money, on this IT transition. But once it was done, the firm experienced serious problems with the system crashing repeatedly, not to mention issues with stability, availability, slow network performance and poor security. In addition, there were severe problems with branch connectivity, which is catastrophic for an insurance broker. In this business, software can affect 90% of everything you do. It’s not good when branches lose data and agents can neither access customer data nor connect to head office. Zehr needed a fix, and fast.

President John Zehr called us in as a third-party IT provider to perform an analysis and prepare a situation report. The news wasn’t good. They needed a complete IT overhaul. The brokerage used hardware it didn’t need, was missing hardware it did need and didn’t have fault tolerance in an area so critical as the server hard drives. This was clearly unacceptable.

In addition, there were multiple, small uninterruptible power supplies (UPS) instead of a single UPS correctly sized for their requirements, restricting the ability to centrally protect, manage, and monitor server equipment. As for fault tolerance, they were missing redundancy in server power supplies and network connections. If that wasn’t enough, all the software had to be reconfigured.

Taking our advice as its IT consultant, Zehr Insurance cleaned everything up over a busy weekend after meticulous project planning and design. Today Zehr has a stable, reliable and secure system in place at head office, and in all branch locations. That means a full head office network, integrated services, an insurance broker management system, Microsoft products — including Exchange for email, centralized contacts and collaborative tools — and branch offices that are seamlessly connected to the head office. In short, it is an enterprise-class service, which means a high-performance system that is fully secure. To this day, Zehr Insurance maintains a biweekly maintenance program. The servers, network equipment and client systems are updated regularly. Any calls for support are addressed as needed.

The company has 35 employees who are free to work from anywhere, requiring seamless connectivity just as if they are at their desks. Now they can do that. Licensing is managed, firewalls and virus protection are in place, recovery is assured in the event of a disaster and Zehr management can focus on running the business. The best thing about this is that IT is now viewed as an enabler, not a source of pain, cost, and irritation.