Case study: Towergate Insurance – achieving “good enough” IT in the cloud
If you’ve worked in information technology long enough, you’ve fallen prey to the urge to pursue technology on the cutting edge or even the bleeding edge. Why not? Having the latest and greatest technology is surely the best way to outrun your competition, right?
Well, not necessarily, observes Scott Ferguson, editor of Enterprise Cloud News (Banking Technology‘s sister publication).
For Towergate Insurance Brokers, the opposite proved true: “Good enough” IT sometimes really is good enough.
The UK-based insurance broker is in the middle of a digital transformation, moving all its data and IT infrastructure into the cloud, as well as relying on Software-as-a-Service (SaaS) for applications. All of this means the company will standardise on Microsoft offerings, including its Azure public cloud, as well as Windows 10, Office 365, Skype for Business and Dynamic 365. (Towergate also uses British Telecom for networking and end-point security.)
Gordon Walters, the CIO of Towergate, observed that it would take two years longer than he wanted to bring the organisation up to the cutting edge of IT technology. By the time that happened, the bleeding edge would have moved on and his firm would still be behind the times.
“What we wanted was all cloud-based, and we adopted a ‘good enough’ philosophy,” Walters told Enterprise Cloud News in a recent interview. “We’re not a big IT shop, and what we really wanted was to get back to dealing with customers.”
20 years of IT sprawl
Towergate’s journey to the cloud started about 20 years ago – specifically when the company started buying several other brokerage firms and growing. All told, the company, which is now one of Europe’s largest independently owned insurance brokers, has made about 300 acquisitions over two decades, but little attention was paid to its IT infrastructure.
Adding to the complexity was a deal announced earlier this year that will have Towergate merge with four other brokers to form a larger umbrella group.
Before the 2017 restructuring, Walters said the focus was on making sure the financial information was standardized across the company. When it came to hardware and software, the different businesses continued to use what they wanted when they wanted – and this stretched out across some 100 different sites.
As Walters explained: “When we acquired another brokerage, there was never any integration. The only type of integration we had was at the finance reporting level, so everything could be included in our figures going forward. The businesses were left on their own. Many were small businesses, so they would buy support from the local IT company that is next door. They would buy network capacity from anyone who happened to offer a good price.”
These disparate systems were causing prolonged failures throughout the company’s network that grew worse as time went on.
The breaking point happened in September 2015, when IT outages caused Towergate’s 4,000 employees to lose a combined total of about 9,000 hours of work time. “Everyone lost more than two days during that month,” Walters recalled. “Customers had to call in and we’d have to take the details down and phone back at some time in the future until the systems came back on again.”
Time for the cloud
Service – to customers, as well as employees – became the number one priority for Walters and his IT shop.
While Towergate contemplated building its own data centers, Walters eventually ruled against it, since no one on staff had that type of experience. At the same time, buying capacity and hardware and software from different vendors didn’t seem all that appealing.
The cloud, however, did have appeal.
Walters ruled against what is now becoming an increasingly popular option: multi-cloud. In the end, Towergate became a Microsoft-only shop. “We don’t want the complexity of multiple clouds because of where we were. I was looking for a few select partners in that flight to quality,” Walters said.
With the cloud in its sights, Towergate signed a long-term contract with Accenture, the giant consulting firm, to steer the company through the rigors of moving all its data to the cloud and moving to SaaS-based applications. The goal: slash IT costs by about $5 million.
Kamran Ikram, managing director for financial services and technology at Accenture, told Enterprise Cloud News the two companies worked together and embraced the idea of good-enough IT. In addition, since cloud computing continues to develop, what is cutting edge eventually becomes a standard add-on feature within most clouds.
“When a company invests and develops in its cloud solution, the features start coming for free, and that is part of the ongoing investment,” Ikram said.
Over a 12-month period that started with discovery, Accenture realised Towergate was suffering a major “shadow IT” problem. Different versions of Adobe were downloaded and never updated. There were seven versions of dictation software that, apparently, no one used. There were old Windows and Office tools. That doesn’t count the various physical assets, such as servers, routers, switches and PCs.
“We had a little bet about how many distinct apps would we find,” Walters said. “I guessed about 1,500, and we actually got to 2,600, which we will now rationalise down to 230.”r.
Within its call centers, Towergate managed to move most of its telephony to Skype for Business and decided to use plug-ins to help maintain the functionality it needed, rather than trying to customize and develop applications. (Microsoft is currently in the middle of moving Skype for Business to Teams.)
Security and good-enough IT
There’s also a major security component.
With the many systems Towergate had before, credit card and other personal data could be stored anywhere, with the possibilities that full information was all contained within one server. One breach could expose thousands of records. Now, all that information is uploaded into the Azure data center in Dublin, and no one section holds more than four digits of any specific credit card number.
Additionally, this type of security should help with the European Union’s General Data Protection Regulation (GDPR) rules, which go into effect in May 2018. The GDPR is designed to protect personal privacy and regulate what personal data can travel outside the EU. Businesses can face substantial fines if they run afoul of the laws. Centralisation of data can help with compliance.
“At least now we have a place to start,” Walters said, referring to GDPR compliance.
Now that the data has been moved, Walters and his team are looking to take additional steps, including better integration with the new company that is forming, looking at using Platform-as-a-Service (PaaS) to further reduce complexity and continuing to reduce the number of applications.
One thing Towergate won’t be doing is building any of its own apps. Again: good enough is good enough.
“By the time you got there and a spent the money to produce a product, the market would have gotten there anyway,” Walter added.