Author: Aman Pathania, Associate Director - Product Management, Moody's
Catastrophe modelers and underwriters need to be empowered with seamless connectivity and shouldn’t need an IT ticket to access exposure databases. Here’s how Moody’s VPN for Data Bridge is eliminating that friction—for good.
Catastrophe modeling runs on data. Every exposure analysis, accumulation review, and underwriting decision typically starts with a T-SQL query against an exposure database—and for that query to return results, a secure, reliable connection must exist between the organization and the platform hosting the data and model engines. What needs to be considered to achieve this?
First, chief information officers (CIOs) and chief security officers (CSOs) representing large and medium-sized insurers and reinsurers have clear, non-negotiable mandates: all external connectivity must be encrypted, auditable, and compliant with organizational security standards.
Second, when organizations do pursue a virtual private network (VPN) as the right answer, they run into the unchanged reality of enterprise networking: two teams, one conference bridge, hours of manual configuration, and a process so error-prone that a single mistyped subnet can set the entire effort back by days.
Third, while IT works through that process, the business waits. A cat modeler blocked by a stale firewall rule on the morning of a major event, an underwriter who cannot run a portfolio query before a renewal deadline—the cost of connectivity friction is measured in decisions delayed, and opportunities missed.
Moody’s VPN for Data Bridge was built to resolve these challenges—not work around them. Launched in January 2026, it is the insurance industry’s first truly self-serve site-to-site VPN solution: enterprise-grade IPSec security configured entirely within Moody's Intelligent Risk Platform™, without vendor calls, without subnet spreadsheets, and without IT becoming a bottleneck for every connectivity event.
Since launch, we have continued to expand its capabilities—and the most transformative features are still arriving.
The networking problem that nobody puts on a slide
No organization operating in today’s regulatory environment is willing to compromise on security. That is not a preference—it is a baseline.
Legislation requires that personal data in transit be protected through appropriate technical measures—a standard that unencrypted Internet paths do not meet.
The National Association of Insurance Commissioners (NAIC) cybersecurity regulations hold U.S. insurers accountable for demonstrating controlled, auditable access to sensitive data systems. Solvency II places operational risk obligations on European insurers that extend directly to how data infrastructure is accessed and governed.
Taken together, these frameworks create an unambiguous organizational imperative: connectivity between an insurer’s infrastructure and any external platform must be encrypted, authenticated, and fully auditable. There is no negotiating with that requirement.
The VPN has long been the industry’s answer to that standard, and for good reason. A site-to-site IPSec tunnel provides encrypted, network-authenticated connectivity that satisfies even the most demanding security frameworks. It keeps traffic off the open Internet, governs access by network membership rather than device identity, and gives security teams the audit trail they need. In principle, it is exactly the right mechanism. In practice, building one has always been a problem.
Establishing a VPN connection between two enterprise infrastructures today looks much the same as it did a decade ago. Network engineers from both sides get on a call. Subnet ranges are exchanged. Routing parameters are configured manually, entry by entry. Pre-shared keys are generated and shared using back-channels.
If someone makes a typo, the tunnel fails validation. The call runs long, a follow-up is scheduled, and the process starts over. For global organizations spanning multiple time zones, a single connectivity setup can consume days of engineering effort on both sides—and any future change, whether a key rotation, a routing update, or a new subnet requirement, restarts the same cycle.
The deeper issue is not just the hours lost. It is what this friction forces organizations to accept as an alternative. Managing connectivity through IP white-listing feels familiar and low-effort—until you examine what it actually involves.
Every user with an IP address change needs a ticket raised and a rule updated. Every new analyst joining a modeling team will trigger a manual access change. Every office move, every remote working day from a new location, every laptop refresh creates a gap between what the access control list says and what reality requires. At scale, across a distributed team of catastrophe modelers and underwriters working across geographies, that gap is never fully closed. The list is always, to some degree, wrong.
Why Moody's VPN for Data Bridge is the right answer—and why self-serve changes everything
Site-to-site VPN with IPSec encryption is not a new technology. It is, in fact, the standard that enterprise security teams across financial services, insurance, and healthcare have converged on as the baseline for secure connectivity over public networks.
Regulatory frameworks, including the General Data Protection Regulation (GDPR) in the European Union, the NAIC Insurance Data Security Model Law, and Solvency II, increasingly reflect this—not just as best practice, but as an organizational compliance requirement.
The reason IP white-listing has persisted alongside VPN is not technical merit. It persists because standing up a site-to-site VPN has traditionally required significant IT involvement, vendor coordination, and ongoing management. For many organizations, the operational cost of VPN was comparable to the operational cost of managing the whitelist—so the simpler-seeming option stayed.
Moody's VPN for Data Bridge changes that equation. When VPN connectivity can be configured by an Intelligent Risk Platform (IRP) administrator through a platform UI—without vendor calls, without subnet spreadsheets, without a two-day back-and-forth to validate settings—the operational case for VPN becomes straightforward. You get better security, better compliance posture, and less ongoing work, not more.
That is the fundamental shift this product represents: not just bringing VPN to the insurance industry's exposure data workflows, but making it genuinely, completely self-serve.
What we built: A platform-native VPN for the insurance industry
Moody's VPN for Data Bridge establishes an encrypted IPSec tunnel between your organization's network and your Intelligent Risk Platform tenant. Once the tunnel is up, every user on your corporate network connects to every Data Bridge instance through that single channel—no per-user setup, no device-level configuration, no additional VPN client software to install.
From a business user's perspective, the experience is transparent. They connect to their organization's network as they always do. Access to Data Bridge follows automatically. The network boundary between their machine and Moody's infrastructure is encrypted and authenticated without any visible steps in their workflow.
From an IT perspective, the difference is structural. The organization is no longer maintaining a list of approved device IPs—a list that is guaranteed to be wrong at any given moment for some portion of the user base. Instead, access is governed by network membership: if you are on the organization's network, you reach Data Bridge; if you are not, you cannot. That is a fundamentally more defensible security model.
Core capabilities include:
- Encrypted tunnels for all users and all Data Bridge instances: Site-to-site IPSec tunnel covers every user on the corporate network and every Data Bridge instance on the tenant. No per-user configuration, no per-database firewall rules.
- Built-in tunnel resiliency: Two active tunnels help maintain connectivity and minimize downtime if one tunnel is disrupted, giving organizations a more resilient setup for business-critical access.
- Static and Border Gateway Protocol (BGP) routing: Organizations can configure static routes for simpler environments or enable BGP for dynamic routing across complex network topologies. BGP supports automated route propagation and one-click enable/disable from the platform.
- Self-serve BGP Autonomous System Number (ASN) configuration: Network engineers configure their organization's BGP.
- Non-overlapping subnet validation: Instead of relying on two network teams to manually review and agree on an alternative subnet range, your network engineers provide a non-overlapping range in the platform, and Moody's uses it to configure IP settings automatically—turning a slow, manual coordination step into a faster, simpler setup experience.
- Centralized pre-shared key management: All encryption keys are stored in a unified key store within Moody’s Intelligent Risk Platform. Key rotation—required by most organizational security policies—is handled natively, with clear visibility into active and expired keys.
- Complete audit trail: Every configuration change is logged with comprehensive metadata. Security and compliance teams have a full record of what was changed, when, and by whom.
- Full API automation: Through Intelligent Risk Platform API integration, organizations can achieve automation for infrastructure-as-code, automated tunnel provisioning, and custom orchestration workflows that move connectivity from manual setup to true end-to-end automation.
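A pre-submission check for the non-overlapping subnet step described above, as an added example that is not Moody's code and does not call any Intelligent Risk Platform API: it rejects a mistyped CIDR, reports every on-premises range a candidate collides with, and picks the first free block from a pool. The routed ranges, the pool and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: ranges already routed inside the organization's network.
ROUTED = ["10.20.0.0/16", "10.21.4.0/22", "172.16.0.0/20", "192.168.10.0/24"]


def check_tunnel_range(candidate, routed_ranges):
    """Return a list of problems with `candidate`; an empty list means no conflict."""
    try:
        # strict=True rejects a network with host bits set (e.g. 10.20.1.0/16),
        # the usual shape of a mistyped subnet.
        net = ipaddress.ip_network(candidate.strip(), strict=True)
    except ValueError as exc:
        return [f"not a valid network: {exc}"]
    problems = []
    for raw in routed_ranges:
        other = ipaddress.ip_network(raw, strict=False)
        # Only compare like with like; IPv4 and IPv6 ranges cannot overlap.
        if net.version == other.version and net.overlaps(other):
            problems.append(f"{net} overlaps routed range {other}")
    return problems


def first_free_range(pool, prefixlen, routed_ranges):
    """Return the first /prefixlen block inside `pool` that overlaps nothing routed."""
    used = [ipaddress.ip_network(r, strict=False) for r in routed_ranges]
    for sub in ipaddress.ip_network(pool).subnets(new_prefix=prefixlen):
        if not any(sub.version == u.version and sub.overlaps(u) for u in used):
            return str(sub)
    return None  # the pool is fully consumed by routed ranges


if __name__ == "__main__":
    for cand in ["10.20.1.0/16", "10.21.6.0/24", "10.0.0.0/8", "10.250.0.0/24"]:
        issues = check_tunnel_range(cand, ROUTED)
        print(cand, "->", issues or "no conflict")
    print("first free /24 in 10.20.0.0/14:", first_free_range("10.20.0.0/14", 24, ROUTED))
```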
Who benefits most?
A simple way to assess a connectivity solution is to ask: who benefits, and in what way?
Network and IT teams: The recurring maintenance burden of IP white-list management—adding and updating addresses when staff travel, removing stale entries, responding to access tickets—is eliminated after initial setup. Network engineers configure the VPN once. The platform manages the rest. The organization's IT team is no longer on the critical path for every connectivity event.
Security and compliance teams: Site-to-site IPSec satisfies the encrypted connectivity requirements of the most stringent organizational security frameworks. Business users must be on the corporate network to reach Data Bridge—no individual device is independently trusted, and no traffic reaches the platform over uncontrolled Internet paths. The audit log, key lifecycle management, and subnet controls give compliance teams the governance visibility they need for regulatory reporting.
Catastrophe modelers, underwriters, and exposure managers: Connectivity to exposure databases works—from any office, from home, from a client site—as long as the user is on the organization's network. There are no tickets to raise when a laptop's IP address changes. There is no waiting on IT. The data is there when the work requires it.
Across the organization: The total cost of managing T-SQL connectivity to Data Bridge drops significantly. Time previously consumed by ticket resolution, whitelist maintenance, and networking coordination is redirected to higher-value work. Onboarding a new team of analysts does not trigger a wave of firewall rule updates—it is handled by the existing VPN infrastructure the moment they connect to the corporate network.
What's coming in June 2026: Live visibility into your IPSec tunnel
Moody’s VPN for Data Bridge was designed from the outset to put control entirely in the hands of the organizations using it. Every capability released since January 2026 has moved in that direction—from self-serve configuration and BGP ASN management to centralized key lifecycle control and full API automation. In June 2026, we are taking that commitment a significant step further.
Automated Tunnel Status Propagation brings real-time, continuously updated visibility into the state of your IPSec tunnel directly into the Intelligent Risk Platform. As configuration changes propagate through Moody’s infrastructure, network engineers see exactly what is happening—live—without waiting, without guessing, and without needing to reach out to anyone on the Moody’s side to confirm that a change has taken effect.
This is a meaningful leap in what self-serve VPN management can look like. Network engineers gain the confidence to configure, modify, and activate VPN connectivity entirely on their own schedule—with the platform providing the precise, real-time signals they need to move forward at each step. The experience of setting up or updating a VPN tunnel becomes as transparent and controllable as any other platform workflow.
The feature delivers:
- Live tunnel status tracking: Real-time updates reflecting the actual propagation state of your VPN configuration, so engineers see what is happening as it happens—not after a fixed waiting period.
- Precise activation guidance: Clear, data-driven signals indicating exactly when the VPN on the Intelligent Risk Platform is ready to handle traffic, eliminating the guesswork of switching connectivity before propagation is complete.
- Detailed tunnel metadata: Comprehensive status information designed for network engineers, giving them the precise diagnostic data they need to troubleshoot and resolve configuration issues themselves without opening a support case.
A new standard for secure connectivity in insurance
VPN is not a novel concept. What is novel is a VPN product designed from the ground up for the insurance industry's specific workflows—one that meets enterprise security and compliance requirements without the enterprise-scale operational burden that has historically made VPN the more difficult choice.
Moody's VPN for Data Bridge gives insurance organizations a connectivity model built around the principle that security and operational simplicity are not opposing forces. The most secure option should also be the easiest option to maintain. That is what we have built, and with the June 2026 release, it is what we are completing.
For IT teams managing complex, distributed organizations: one setup, one tunnel, no ongoing white-list management. For security and compliance teams: encrypted connectivity, auditable access, and a governance framework that satisfies regulatory obligations. For the business teams driving catastrophe modeling, underwriting, and exposure analysis: data access that keeps pace with the work, wherever the work happens.
Ready to transform secure connectivity for your team? Contact us at sales@moodys.com to learn more about Moody's VPN for Data Bridge, or connect with us at Exceedance 2026 (June 1-4, 2026, Fort Lauderdale, FL) to see what’s next.