Risk and Challenges associated with cloud migration in the insurance sector

By Mr. Girish Nayak – Chief – Service, Operations, Technology at ICICI Lombard GIC Ltd

In a physical-intensive industry like insurance, we have seen digital adoption increase
tremendously across customers, channel partners, and other stakeholders. Increased mobile penetration and the availability of data started this journey, and the pandemic accelerated it. As an organization, we have been early adopters of Technology and the Cloud was no exception.

We had moved our entire test and development setup to the Cloud in 2013 and our entire
productivity and office suite onto a SaaS platform a year later. The ability to experiment and
leverage the high computing power on the Cloud helped us in kickstarting our AI/ML journey in the year 2018 when we developed complex deep learning and machine learning algorithms.

Till recently, we had been largely utilizing the Cloud as an infrastructure platform. However, in early 2021 was when we looked at moving the entire data center to the Cloud. The focus at that time was multifold –

(1) to adopt agility in our systems, to help rapidly develop, test, and deploy new applications (2) to be able to rapidly scale our infrastructure considering the growth in volumes and our increased focus on digital

(3) to increase the reliability and efficiency of our infrastructure to help service all our stakeholders and at the same time develop a roadmap for retiring our technical debt

(4) be able to leverage the latest technologies to help innovation and drive business in the long run.

We started the entire Cloud migration journey in early 2021 with a strategy of following a lift- the and-shift approach followed by continuous re-architecting and re-building. However, even before we started, our first focus was on security. On-prem, since we were a part of the larger ICICI Group, we had maintained the highest levels of security and it was imperative for us to have the same exacting standards of security for our cloud footprint as we would be connected to the shared data center for some time. We spent our initial six months setting up the entire secure landing zone on the cloud. Once ready, we had the setup audited by security experts.

Only then were we ready to receive our first application from our on-prem data center?
Along the way, we challenged a few pre-conceived notions, such as one that moving
between the on-prem data center and the Cloud was the job of only the infrastructure team. On the Cloud, the application owner has a lot more control over the infrastructure and we adopted a model of centralized Cloud governance with decentralized execution. This model helped reduce the time and effort of migration of many applications.

At the same time, this helped us in running a multi-threaded migration operation across the organization. Our entire approach to migration was focused on setting up the foundation and security layer; followed by moving the low-risk and complexity applications first; observing, analyzing, learning, and fine-tuning the approach. This was followed by the movement of the medium-risk applications and the high-risk applications.

We hit some technical glitches along the way which resulted in a minor delay and small cost overrun but we are proud to say that we are the first large private insurer to move all our applications, including the core, to the Cloud. Having said that, our journey has just begun. Our choice of the lift-and-shift route means that we have invested heavily to achieve a near-term objective. This meant that we immediately needed to start rearchitecting and rebuilding our applications post-migration. What we have seen is that moving our complete set-up onto the cloud has given us some immediate benefits, including stability, availability, and scalability. Progressive modernization of our stack, and rearchitecting of our applications, would help us become truly cloud native and exploit the full benefits of the cloud.

While this has been an exciting journey so far, we have had great learnings along the way.
During the planning stages, most organizations spend a lot of time on server sizing and optimization but not on network sizing. Network routing is critical, especially if you are doing migration in phases and you have interconnected applications. Ensure that you plan for disaster recovery and security at the beginning itself.

Be ready for a complete overhaul of the IT operating model. Reskilling and upskilling of the existing workforce in new technologies (Data, AI/ML) as well as in new ways of working (Agile/DevOps) is critical. The larger organization needs to be aligned and trained for new ways of working. Ensure that key performance indicators (be it increased digital adoption, increased reliability, or big data and analytics) are discussed and finalized before you start your Cloud migration journey. This journey is an organization-wide continuous transformational journey that will help businesses both survive and thrive in years to come.

AIinsuranceMLPandemictechnology
Comments (0)
Add Comment