Downloads

Keywords:

Cloud security, insurance operations, modernization, multi-tenant architectures, data isolation, access control, regulatory compliance, tenant segmentation, identity management, encryption, shared responsibility model, threat detection, secure configuration, risk management, data privacy, scalability, governance, API security, policy enforcement, zero trust, monitoring, incident response, cloud-native security, vulnerability management, compliance auditing, DevSecOps, cloud workload protection, security automation, third-party risk.

Cloud Security Challenges in Modernizing Insurance Operations with Multi-Tenant Architectures

Authors

Sneha Singireddy1 | Balaji Adusupalli2
Masters 1 DevOps architect - Small commercial Insurance , ACE American Insurance, New Jersey 2

Abstract

Modern enterprises have embarked upon a tide of application modernization to leverage the promise of agility and lower costs in modern, cloud-based and multi-tenant architectures. While some application migration efforts focus only on a lift-and-shift approach, others contemplate bigger changes to take advantage of drastically newer technologies both in core business logic, as well as in supporting systems such as underwriting, claims, policy systems, etc. In this context, security considerations must permeate all aspects of the architecture, including secrecy, authentication, access control, accountability and audits, correctness, availability, data integrity, encryption, and loss prevention, logging security, network security, packet filtering, risk assessment, key management, certificates, storage security, system configuration, disaster recovery, attack tools, crypto, virtualization, firewalls, IDS/IPS, and zapping. Further, based on the challenges of security for multi-tenant architectures and of cloud security, we enumerate and describe the specific security recommendations to take into account while architecting multi-tenant architectures and note the gaps that cloud vendors offer.

From the perspective of the stakeholder’s sweet spot, a multi-tenant architecture permits hosting entities to share devices, networks, and storage, gain economies of scale with lower costs, and efficiently service a large set of clients. Cloud offerings promise economies of scale as well as lower prices, allowing insurers to compete more effectively. Lower costs and speed of provisioning infrastructure allow smaller companies and start-ups to arise quickly and rapidly penetrate markets with innovative products. With a level playing field, insurers need differentiated product offerings to compete, enable innovation, and drive growth. At the same time, financial services are some of the most regulated industries, and insurers must be good stewards and protectors of their customers’ most personal and sensitive data. Insurance companies have long invested in security infrastructure to protect themselves. The migration to the cloud for lower costs must not come at the expense of reduced data protection.

Article Details

Published

2019-12-30

DOI:

https://doi.org/10.18535/ijecs.v8i12.4433

Issue

Vol. 8 No. 12 (2019)

Section

Articles

License

Copyright (c) 2019 International Journal of Engineering and Computer Science Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

How to Cite

Cloud Security Challenges in Modernizing Insurance Operations with Multi-Tenant Architectures. (2019). International Journal of Engineering and Computer Science, 8(12). https://doi.org/10.18535/ijecs.v8i12.4433