We can’t predict the future, but we can prepare for it. Disasters of many kinds can strike at your independent insurance agency, and it’s your job to be ready to jump into action. This means not only taking care of the physical needs of your property and staff, but also ensuring you can quickly get back to business as usual.
You can begin by thinking about the types of disasters your agency may face. A few of the most common are:
- Severe weather: Tornado, hurricane, flood, snowstorm, etc.
- Electrical failure: As a result of severe weather, downed lines, or faulty wiring
- Fire: Caused by human error, but also linked with severe weather
- Evacuation: Due to chemical spills, intruders/break-ins, severe weather
- Break-in/intruder: May be a physical break-in or hack in to data/software
In order to be ready when disaster strikes, your agency needs to plan accordingly for each type of disaster so you can address the two most important aspects of your business – your people and your information. Begin by setting up an evacuation plan, adjusting for each instance. Come up with alert systems to help inform employees and their families. Finally, create a contingency plan to help keep your agency running after disaster strikes.
The next most important area is your agency information. It is important to ensure your agency’s data and software are safe and available to continue to support your clients. Make use of cloud-based systems and software providers that ensure proper protection of your data. With a cloud-based system, your agency can be up immediately in the event of a disaster so that your clients never knew it happened.
Our Partner XE clients receive such protection from SIS through our secure servers operating with redundant backups and “always on” security. Read more about our data protection here or contact is today at firstname.lastname@example.org.
In our last posts, Cyber Security and Your Agency, Protecting Your Agency from Cyber Risk, and The Most Important Elements of Cyber Liability Coverage, we took a look at the growing cyber security threats and how the insurance industry is tackling this issue. To wrap up our series, we asked the experts – independent insurance agency owners. Here’s what some agency owners had to say on the topic.
What is the biggest cyber threat to your agency?
- Leslie Huesman, Huesman Insurance Group: “We worry most about people hacking into our system. Criminals are at work day and night to access personal data (for identity theft).”
- Steve Kramer, Kramer Insurance: “Our biggest risk is our people. We need to educate our staff and agents on how to handle (personal information). We worry about anyone being lax when it comes to handling such data.”
- John Heinsz, HSG Insurance Services: “The hacking of our database (and corruption of data).”
- Larry Harb, IT Risk Managers, Inc.: “The biggest threat to any agency owner is their employees and human error. When employees take home laptops, flash drives, or other mobile devices with sensitive information, it can easily be stolen leaving the data on those devices exposed. Data can also be lost or corrupted through viruses downloaded by individuals.”
What preventative measures can be taken to safeguard against data breaches?
- Steve: “Developing a plan for cyber security and covering how to handle (each piece of data) as it comes through the door. (We put together) a written ‘Information Security’ program and give each agent a self-assessment checklist. It’s not just a security plan, it’s a business plan.”
- Larry: “(You) need to set up preventative items. We want everybody to have security in place (in their agency), meaning encrypting data and using secure passwords. Our biggest asset is our data, so that data needs to be backed up and protected against computer meltdowns, too.”
What are the most important points of cyber liability coverage?
- Leslie: “There are two important parts: first is the money to pay for the damage to customers, second is providing our clients with a quarterback to run the show. This person helps our clients through the process of notification and meeting all requirements of a company that has had a data breach.”
- Larry: “The biggest piece that everyone buys is notification coverage, since database notification laws are set up in most states. It’s been estimated 60% of small businesses suffering a data breach go out of business within 6 months without such coverage. There is also electronic media coverage, which pertains to liable, slander, infringement of intellectual property rights, and online advertising violations committed by anyone associated with the covered business.”
What do you see as the future of cyber liability coverage?
- John: “Cyber liability coverage will become automatic coverage in most business policies and home policies, like Loss of Income in BOPs or Identity Theft in Home policies.”
- Larry: “Currently there is no standard policy language or definitions. When I talk to insurance agencies, I like to call it data based coverage. I’m trying to demystify this concept, telling business that cyber liability coverage is as important as sprinklers in your building. You can insure a building without sprinklers, but it’ll cost more.”
Each of our interviewees stressed the importance of adding cyber liability as a point of coverage for their customers. We at SIS know the importance of adding such coverage, which is why we made adding a new point of coverage as easy as creating a new template and adding it on to a new or renewal review.
To learn more about how Partner XE protects your data, check out our website or contact us today at email@example.com.
Healthcare insurance provider Anthem is just the latest in a long list of companies to recently suffer from online data attacks, putting thousands of their customers at risk of identity theft. Unless a business carries insurance coverage for cyber-threats, this PR nightmare could also strike at the company’s finances.
Cyber Liability Insurance for Business Owners
Due to the increased vulnerability of personal data stored online, cyber liability insurance is on the rise. Just as you purchase insurance to protect from unexpected physical threats, so, too, should business owners purchase coverage to protect from “invisible” online threats.
Cyber liability insurance is new to the game, and has yet to be consistent across agencies (it is also called “cyber risk,” “privacy,” and “information security” insurance). Despite its inconsistency, this coverage is becoming increasingly important. As an independent insurance agency owner, it’s in your best interest to provide such coverage for your customers who own businesses.
Cyber Liability Coverage
If you do not provide cyber liability insurance, you can get started by looking into the most common points of coverage. The points are as follows:
- Regulatory Coverage – Focuses on costs associated with lawsuits or fines against a business. This includes the cost of a defense lawyer and court fees.
- E & O Coverage – Pertains to data breeches due to a failure to prevent them, including storing unencrypted data or not using a firewall. Such coverage can also be a part of general, non-cyber specific E & O coverage.
- Notification Coverage – One of the largest pieces of cyber liability coverage. Most states now require businesses to notify customers of cyber breeches, and this point of coverage identifies the number of customers to be notified and the method (or methods) of notification.
- Data Restoration Coverage – Covers the cost of recovering damaged or lost data. Points of coverage may include replacing hardware or software, restoration, and replacement of other electronic assets.
- Crisis Coverage – Addresses the PR aspects of data loss. It covers everything from managing media relations to providing affected customers with credit monitoring.
- Liability and Slander Converge – An oft missed, but important piece of a business’s cyber liability coverage. This piece addresses online incidents of slander, liable, copyright infringement, or other reputational damage done by those representing a specific business. This typically applies to social media posts by company employees, but also includes information on a business’ website or other online portals.
SIS Helps Protect Businesses
These points are just the beginning of cyber liability coverage. As the industry focuses more on cyber coverage, guidelines and standards will begin to evolve. We at SIS are aware of and are responding to the growing need for cyber security and liability coverage, including attending industry conferences and hosting our own sessions on the topic. Find out more about how SIS is staying ahead of the curve on our website or by contacting us today at firstname.lastname@example.org .
When it comes to data security, any business accessing the internet is at risk. In our previous post, we analyzed the increasing frequency of data breeches, which cause your agency’s records to be vulnerable. In this world of high cyber risks, it’s important to identify these risks and prepare your agency to fight against them.
The largest threats to your agency’s data and cyber security are:
1. Viruses infecting your computer system and destroying data
2. Hackers accessing your systems and stealing personal records
3. Employee negligence such as leaving systems open or losing laptops, tablets, and other mobile devices
Many are surprised to see employees listed as one of your agency’s threats, but most data breeches in small to mid-sized businesses are a result of employee negligence. In order to protect your agency from all the above threats, you need to take preventative measures.
Create checklists, guidelines, and regulations for employees: This includes insisting on passwords for all devices accessing your system. Don’t allow employees to download personal data without encrypting files, and limit who is allowed to download. Have all emails containing sensitive data encrypted as well. Finally, discourage staff from accessing your agency’s system on public WiFi as this increases vulnerability to hacking.
Invest in secure backups: Ensure all your agency’s data is protected by backing up your system frequently, and storing it at an off-site location. It’s best to have an outside vendor, ideally your agency management system provider, store your data as they’ll have the infrastructure and heightened security needed to keep such a large amount of personal information safe.
Purchase cyber insurance: Although cyber liability insurance is nothing new, not many small to mid-sized businesses have invested in this important coverage. Cyber insurance helps keep your agency protected should a data breech occur. Among other things it will provide funds for the notification and reparations mandated by the federal government, should data be compromised.
Your agency’s data is most vulnerable through your agency management system, making it your number one priority for data security. We at SIS know the importance of keeping your management system secure, which is why we partner with the likes of RPost and Expedient Data Services, to keep you and your agency protected. Find out more about SIS and our mission to serve your agency here or contact us at email@example.com today.
Our world has changed a great deal in the past 10 years, with multiple technological advances and the rise of the digital age making sending and receiving information easier than ever. However, as with many such advances, there come an added risk. A recent Insurance Business America article reported 80% of business will experience a data security breach within 12 months.* Such a breach opens up business to loss of data, exposing the business, its clients, and employees to risks such as identity theft and potential lawsuits.
The insurance agency recognizes these digital risks, and has begun to take action to protect itself and its customers. Agencies are beginning to offer “information security”, “privacy”, or “cyber risk” coverage. Those the names may vary, the intent is the same: to protect individuals and business from cyber threats.
If you haven’t yet, it’s time for your agency to get on board. Cyber security is becoming increasingly relevant, including being named as the key initiative for 2015 by the National Association of Insurance Commissioners (NAIC). You can start to ready your agency by addressing cyber security through:
- Educating employees on good data security practices
- Employing multiple individuals to monitor threats
- Outsourcing data security management for constant vigilance
- Providing cyber liability coverage to customers
- Purchasing liability coverage for your agency
- Educating yourself on the latest agency practices and trends in cyber security
In our next series of blogs, we will explore in detail how to protect your agency and your customers from cyber threats. We at SIS are committed to investigating cyber security and implementing policies to protect our clients and their data. To find out more about how we’re working to protect you and your agency, contact us at 800.747.9273.
Staying up-to-date with the latest technology is important but, as we saw in our last post, can be expensive. As you assess your technology needs, it is helpful to keep in mind the high-cost items your agency needs – be aware of price range and budget accordingly. You may find it is best for your agency to purchase the most expensive tech items outright, or that a monthly payment plan works better. Whichever you chose, plan ahead! Here are some costly tech items to pay attention to:
Cloud storage and back-up are becoming the norm for any business dealing with client data. This is one thing you should never skimp on. Look for a provider that has multiple levels of back-ups and a stellar reputation. If there is one place to invest a little extra, it’s here.
Pen and paper signatures and back and forth faxing are on their way out. The convenience and security of esignatures is winning the day. Although it may be pricier than you’d like, with some at close to $300 a month, investing in an esignature software will bring higher efficiency and productivity. The customer satisfaction boost that is more than worth it.
Although you may not be purchasing high cost laptops or smartphones for your employees, the volume of your purchases can be significant. To keep your agency up to date, you need to make sure your staff have access to reliable hardware that is compatible with current technology. . It’s best for you to purchase the same brand for all employees, and to regularly update.
Your agency must be online, and not just a website! You need a mobile website and social media presence. Many agencies find it beneficial to outsource their website and social media work, which can come at a cost. Your website is your best sales and service resource. Serving as a customer service portal and one of the best ways to track and convert leads, it’s important to have it done well. Your social media presence also serves customers and leads by keeping them updating and directing them to your website. With such a high ROI, it’s worth investing in your online presence.
Agency Management System
This one may seem obvious, but some agencies make the mistake of overpaying for software that they don’t use or skimping and buying one that doesn’t help an agency improve productivity. With the right agency management system, you can get cloud storage, esigning, and elements like mobile access. With so much riding on having a successful system, this is the place to invest the most and require the best.
We at SIS know the importance of keeping up with tech and our Partner XE reflects this commitment. Automatic data back-up, cloud storage, esignature integration and mobile access are just the beginning of our tech updates. To find out more, check out Partner XE’s capabilities or contact us. We’d love to hear from you. Happy tech shopping!