Cyber Insurance: Why Your Small Business Needs It
Many people associate hacking with large corporations. Yes, they receive all the attention in the news, but did you know that 31% of reported breaches involve companies with fewer than 100 employees?
In Canada, the evolving threat of cyber risk is rapidly increasing. Many insurance providers now offer differing levels of cyber coverage. Intact Insurance, a Surex partnered provider, is an industry leader in business (commercial) insurance. As such, their coverages will be tailored specifically to meet the needs of your business – regardless of size or industry.
5 Forms of Privacy Breach
While privacy breaches can happen in many different ways, there are five scenarios that lead the charge in frequency:
- Stolen or lost devices (laptop, PC, mobile phone, USB flash drives, etc.)
- Improper document or office equipment disposal
- Theft of non-computer data (paper files or records)
- Computer system or network virus
- Unauthorized use/access to a system or network by an individual
10 Ways to Help Prevent a Privacy Breach
Lock & restrict access to data
With more sensitive information, proper measures should be in place to ensure only people that are supposed to see or access certain data are, in fact, the ones accessing said data. Practices, such as not leaving important information unattended, making sure the right person gets what is coming out of the printer and locking appropriate files – be it on a device, hard-drive or in a filing cabinet – are simple steps to keeping data in the right hands.
Collect & keep only necessary data
Having excessive information, especially personal information (such as Social Insurance Number or banking account info) of people can be a liability to you. If you don’t need to keep information on clients or customers, DON’T!
Install a security system & require guest check-in
Monitoring who comes and goes, whether they be employees or guests, makes people more accountable. A security system can deter people from making a poor choice. Making sure visiting guests check in and out can prevent strangers to your business from poking around and being there longer than is needed. A security system, combined with a check-in protocol, can be a great deterrent to mischief.
Screen employees
Ever come across something that just seems too good to be true? More often than not, it actually is. This can apply to people looking to join your company. Criminal background checks, following-up with references and checking social media profiles are a few of the ways people can get to know a potential employee, prior to bringing them onboard.
The same screening process can apply to outside companies, such as cleaners, technicians and work crews, coming into your business.
Record & review data practices
Establish protocols that are to be met by employees, regardless of position/seniority. Simple practices include having a clean desk, visitor guidelines and rules of use for personal electronics while in the workplace.
Regularly reviewing these – and others, as you see fit – practices will ensure all colleagues know exactly what is expected of them. A brief meeting every month or two can allow the chance to mention change in policies or procedures, as well as allow a comfortable time for questions to be asked.
Conduct audits
The practices you have established (in the point above) need to be enforced. These practices should be routinely audited. This will allow you to see what is, or isn’t, working and some possible tweaks or adjustments that are needed.
Use a secured network
Off-the-shelf wireless networks definitely serve a purpose and can have a place in the office/workplace. As far as being able to access confidential information, this is where those types of wireless network privileges should come to a screeching halt.
Using a secure, authenticated network for sensitive information can safeguard and restrict access to those that the data is relevant to.
Ensure remote access to your network is secure
If you have employees or contractors, make sure their access – wherever they are – is secured through a Virtual Private Network (VPN). Make sure the degree of difficulty on your passwords is high. It is a good idea to regularly update your passwords. Finally, do not use a password for access to more than one area. If a hacker were to somehow crack your passcode and gain access to restricted documents, you wouldn’t want them being able to use that same password to further infiltrate your business and private information.
Install and regularly update anti-virus, anti-spyware & firewalls
Having the latest technology and systems in place to block hackers, viruses and other harmful attacks is essential to protecting your business. Do not be the one playing catch-up and reacting to the online threats to your venture. Be proactive and search out new technology to stay a step or two ahead of dangers.
Properly dispose of technology
Policies should be in place, be it by department or company as a whole, with regards to how old computers, hard-drives, memory sticks, etc. are disposed. For many companies, these technology devices contain the majority of their sensitive data and information.
Physically destroying, or contacting a company that specializes in destroying electronic devices, is the best way to make sure people aren’t getting valuable information from products you no longer need or use.
The Intact Advantage
Intact Insurance, in conjunction with IDT911 (an independent service provider), gives you access to:
- Expertise and technical support during the policy period
- Technical guidance to determine if a breach has occurred and access the severity
- Breach Response Services inclusive of crisis management, notification assistance, remediation planning and evidentiary support
- Help to identify security gaps and controls to help prevent a breach
- An online knowledgebase of guidelines and information
How Much Coverage Can You Get?
In the unfortunate event your business is impacted by a privacy breach, you can receive up to $25,000 in coverage. This money can be used to help you with remediation expenses, including responding to the breach, notifying customers and credit & fraud monitoring.
An additional $25,000 of coverage is available to cover business losses stemming from the breach. This is important as, according to Statistics Canada, the most commonly cited effects of a breach are service downtime (51%) and loss of productivity (43%).
Getting cyber coverage, included in your small business insurance policy, provides you with the peace of mind that you will be protected from online threats. Depending on your business type, you will have different needs to insure your business.
Getting a commercial insurance quote from Surex, an official broker for Intact Insurance, is quick and easy. We know how important each minute of your day is. Lend us five or ten of them and we will do the legwork of getting your business insured properly, at an affordable price. Check out this post for more information about why it's so important small businesses take cybersecurity seriously.