Comparison quoting, esignatures and e-doc processing, and other digital insurance software tools have vastly improved personalization and customer service in insurance. It’s also becoming clear that these tools are also making agencies more vulnerable to cyber-attacks. According to the Identify Theft Resource Center, cyber-attacks increased by 42% in the first quarter of 2021, affecting an estimated 51 million people.
As a community-minded, independent agency, you can’t afford to expose your customers to that risk. Not only would it affect you financially, it would also damage your reputation in the community. How can you keep your customers and agency protected?
Know the Possible Threats
Your first step to protecting your agency is to know what you’re up against. Cybercrime has evolved over the years, and there are now multiple common attack methods. Some notable ones to watch for are:
- Phishing: when a cybercriminal tries to get an employee to provide information to help them access funds or data (i.e., bank account number, access to password-protected data). Phishing usually originates in an email link or attachment sent from the cybercriminal posing as someone in the organization or a member of another trusted organization.
- Spear-Phishing: when a cybercriminal targets a specific person in a phishing attack, delivering a personalized message rather than a mass email.
- Malware: a type of software that gets downloaded and causes data on a device to become scrambled or locked by a hacker. Malware typically comes through an email attachment or link.
- Ransomware: a specific way hackers use malware, asking for a fee to release control and/or refrain from sharing data in a way that would harm the organization or person.
- Spyware: a type of software used to give hackers access to a device, allowing them to look at files and use the device’s camera and microphone. This helps the hacker gather information to manipulate an organization to give access to their data unknowingly. Spyware is also sent through an email attachment or link.
Educate and Equip Your Agency
Once you know what to watch for, you can put together tools and training to help your team stay alert. You can also update your processes and tools to ensure they’re providing the highest level of protection. Some critical steps to take include:
- Upgrade your software and tech, especially if you’re still using Windows XP or 7. Virus protection and support ran out for these a few years ago, so your agency is vulnerable if you’re still using them.
- Use two-factor authentication to log into your agency’s systems, especially your management system, to add extra layers of protection.
- Use a VPN to access your agency’s system, especially when accessing it out of the office.
- Upgrade or install firewalls on browsers to filter out malicious websites.
A large part of upgrading your protection is
educating your staff. Have regular training to keep them alert for suspicious
- Unexpected emails from you or your management team
- Emails marked as “URGENT!” or asking them to take quick action
- Receiving an attachment they weren’t expecting
- Requests for passwords or links to re-set passwords
With your staff as your first level of protection, you can close potential openings for hackers. Simple actions like googling a link before opening it or sending someone a separate email when you’re unsure if they sent a message can go a long way.
Partner with Like-Minded Providers
A final way to keep your agency safe is by partnering with providers that are protecting themselves (and you!), too. Data privacy laws hold data owners responsible for all data breaches, so if a third-party provider makes your agency’s data vulnerable, the blame ultimately falls on you. Vet your partners accordingly to make sure they’re as on top of their cybersecurity game as you.
At SIS, we take security seriously. Our Partner Platform management system and CRM is built on secure architecture, and our team is regularly trained and updated on how to spot and stop cyber-attacks. And, we vet our partners to be just as secure as we are, working with top-notch providers as our Partner Allies, including the best IT provider for independent insurance agents, Archway Computer.