InsurTechs could ensure the security of sensitive policyholder data on their digital platforms by starting with end-to-end encryption, locking down data both at rest and in transit using industry-leading encryption, according to eSanad Insurance CEO Mr Anas Mistareehi.
Speaking to MiddleEast Insurance Review, he said, “This ensures that even if data is intercepted, it remains unreadable.”
Citing his company, a digital insurance broker, as an example, he said that its platform relied on AI-driven threat detection to monitor for anomalies like unusual login patterns or data spikes in real time.
“This capability became especially valuable after the UAE’s April 2024 floods exposed new cyber risks tied to a surge in claims,” he said.
He added that eSanad Insurance, an Abu Dhabi-based InsurTech, also integrated blockchain technology to create transparent, tamper-proof records. These ensure that they are aligned with the principles of takaful.
Mr Mistareehi also said that access to policyholder data could be managed through role-based access control, which would ensure that only authorised personnel could access sensitive information on a strict need-to-know basis to minimise internal risks.
In addition, he said that data segmentation ensured customer information was compartmentalised, reducing exposure in case of a breach.
Even after securing the data, he said that insurance companies could carry out regular penetration testing to simulate attacks and identify vulnerabilities before they can be exploited.
At the same time, Mr Mistareehi said that if customers were educated about security risks as well, particularly around social media scams and phishing attempts, they could be empowered to protect their data, too.
This proactive approach would combine “cutting-edge technology, strict protocols and customer awareness to build a holistic shield around policyholder data”, he said.
Compliance framework
If a company’s compliance framework adheres to the UAE’s Personal Data Protection Law and global standards like GDPR, much like eSanad Insurance’s, according to Mr Mistareehi, it would ensure that customer data is handled with the highest level of security and accountability.
He also said that automated backups and a robust disaster recovery plan would ensure business continuity even in the event of a security breach.