It is the DNA that has been the essence of Merkur Insurance since 1798: the human miracle. With the experience of so many years of company history, Austria’s most traditional insurance company focuses on people and their protection. Its core competence lies in the area of private health insurance. Its corporate values are based on self-determination and freedom, which Austria’s most traditional insurance company places in the hands of both customers and employees. With its new brand identity since the beginning of the year, Merkur Versicherung is making a strong statement about the miracle of the human being and is emphasising its identity.
Careful handling of customer data is one of the biggest challenges in IT
Merkur Versicherung attaches great importance to the careful handling of customer data. Health data is particularly worthy of protection, and it is essential to meet the increased legal requirements. Besides, it has to be determined who may access, process and provide which data and how long data records must be kept. With the help of a well-thought-out and networked document management system, all processes related to customers, such as correspondence or payment transactions, are traceable. To this end, training sessions were conducted with numerous employees. Clients’ rights about the handling of their data were strengthened, and processes were implemented to ensure these rights in a timely and comprehensive manner.
A second significant challenge concerns digitalisation. Merkur has laid the foundation and has already introduced many automated processes that run without external intervention, except for implemented control mechanisms. Using an example, Robert Picher, Head of IT Operations at Merkur, explains:
“If a customer wants to submit a pharmacy bill, they have several options for doing so: they can send it by e-mail, send a copy of the bill or scan it in using an app. The content is read automatically via various technical options, and some software developed in-house is also used for this purpose.“
Another essential point in the area of digitalisation arose last year due to the pandecmic. In the traditional insurance business, the advisor travelled to the customer and conducted a personal consultation. In Corona times, field staff quickly had to switch to video chat or co-browsing and had to deal with the issue of electronic signatures. The IT quickly provided the appropriate infrastructure out of necessity, and further ideas are about to be realised.
IT Security: No significant changes in cyber attacks last year
According to Robert Picher, “there have been hardly any changes in attacks in the last few months due to Corona. People are still trying to smuggle in malware via the phishing e-mail gateway, but our employees are very well trained to keep a close eye on this. We conduct regular training sessions to raise awareness“. Within these trainings, suspicious e-mail addresses and attachment checks are dealt with as well as the nomination of contact persons in case of doubt. Various recent news about hacker attacks, also in Austria, have prompted Merkur to take new approaches in the future. “Prevention against hacker attacks is certainly essential, but if you get caught in the crosshairs of professionals, an emergency plan to protect your data and how it can be restored in case of an incident is essential,” Robert Picher explains the strategic approach. Real case studies illustrate and analyse how hackers proceed and how everyone can do their part to avoid a successful attack.
IKARUS mobile.management in use for 4 years
About 4 years ago, Merkur was looking for a new MDM solution (Mobile Device Management). For the approximately 500 smartphones in use, IKARUS and A1 presented themselves as an attractive bundle compared to other providers. The decisive factor in the decision in favour of A1/IKARUS “was, on the one hand, the attractive price package, including the renewal of mobile phones, and on the other hand the functional scope with cloud service, which seemed to be a practicable way for the future compared to the on-promise solution used until then,” Robert Picher explains the decision at the time. IKARUS mobile.management makes it particularly easy to keep track of and control users’ mobile access. Merkur relies on DEP (Device Enrollment Program) for the device management of the mainly used Apple devices. Based on the recommendation of A1 /IKARUS, the registration and integration of iPhones and iPads is very simple. After the employees have activated their new device, the company-defined account setting configures itself and installs approved apps and access to IT services. Remote configuration and remote control of the mobile devices enable the reliable implementation of the company policy across all systems, protect devices and data from unplanned and unwanted third-party access and the loss of data. Should there still be problems with a large number of end devices and the high administrative effort, the communication with the IKARUS support works very well. “We now know each other and appreciate the professional cooperation,” Robert Picher summarises.
In principle, Merkur prefers local partners, who are ultimately also considered in the decision matrix. Robert Picher says: “It makes certain things easier if you have a local partner and a German-speaking contact person on the phone, for example, to clarify technical issues.”
Future challenges in the IT security sector
The balancing act between IT security and usability is an important challenge, especially since the two topics do not always pull in the same direction. Robert Picher cites containerisation as an example: “It’s a great and secure thing, but if a field worker is looking for an address in his car and it’s stored in a container with the best possible security, the best security won’t help if it’s not fully usable in practice.” Caution is required here because users tend to circumvent security measures, such as overcomplicated password requirements. The challenge is not to take sides but to work together to solve such issues.