Every day an independent agency’s employees and producers tap their computer keyboards, phones and tablets to log on to carrier websites. With each system login, they’re creating a risk to your technology security.
Every day your independent agency's employees and producers tap their computer keyboards, phones and tablets to log on to carrier websites. With each system login, they're creating a risk to your technology security as an agency.
That gentle tapping should sound more like an alarm bell to remind agency principals to deal with the big issue of credential management. “Handling sensitive information is now one of the most critical responsibilities faced by the modern insurance agency," according to the Big “I" Agents Council for Technology (ACT).
Years ago, passwords were a novel way to increase security. At agencies today, entering user IDs and passwords website by website for 20, 30 or 50 carriers grows less and less efficient with every carrier appointment and every new hire—and drastically slows business.
It also creates more risk. You might think that agency customer databases aren't of high interest to hackers. But if that risk doesn't faze you, think of the increasing number of state regulations about privacy standards. Unfortunately, these regulations don't tell you what you need to do; they just point out the punishment if you fail.
Then there's the issue of cost. A survey of 400 independent agents by nonprofit coalition ID Federation found that it takes 30-60 minutes or more for an agency to add or delete a user. Respondents noted that, depending on agency size, they must manage between 35 and 7,200 passwords for workers to access partner systems.
For my agency, all that credential work translates to staff time and cost of an estimated $50 a year per user per carrier. At this rate, an agency with 25 users and 40 carrier or managing general agent connections would tally credential management costs of up to $50,000 per year.
There's a way to lower that cost and at the same time make your agency's data more secure: federated identity management solutions. They give each agency user single sign-on to access all of their carriers and solution providers who participate—which can reduce costs for agencies and carriers.
With federated identity, agencies don't need to track all password expiration dates for multiple carriers and users. For agencies, it works behind the scenes in the agency management system after carriers implement it.
My own agency shows the viability of this approach. MMG Insurance collaborated with Foy Insurance to implement SignOn Once on a pilot basis in 2019. The pilot showed two business partners could increase the effectiveness and efficiency of identity management with a new login process that also improves login security.
There are far too many carriers who aren't aware of this new solution to create a better customer experience for their agency partners. I urge you to let your top carriers know about these solutions and how they can make workflows faster and safer for everyone.
Mike Foy is president and owner of Foy Insurance Group, a family of independent insurance agencies in New Hampshire, Maine and Massachusetts. He is active with ID Federation's SignOn Once credential management solution and is past chair of NetVU (Network of Vertafore Users).
This article was originally posted in the August 2020 issue of Independent Agent magazine.