Close

(704) 997-3238 info@techassure.com

Archive for category: RISK MANAGEMENT TRENDS

by

5 Ways BYOD Policies Can Increase Data Breach Vulnerability

If you are responsible for managing risks in your organization, you know that any unforeseen incident can endanger the assets and earning capacity of a business. While it’s clearly important to have a solid insurance program in place, having a comprehensive risk control plan in place is equally important.

As the concept of Bring Your Device (BYOD) enjoys growing popularity amongst businesses, many employees are celebrating their newfound freedom of accessing data on the go beyond the confines of the cubicle. By using the BYOD concept, companies are enjoying reduced costs in the form of decreased expensive hardware configurations and are seeing the benefits of having a growing mobile workforce. However, what these firms did not anticipate was the growing possibility of data security breaches.

Hackers can breach company networks using linked applications, such as a company’s email account to access, extract and erase sensitive data. By accessing social media and personal email accounts, hackers easily obtain the information they need to wreak havoc.

In addition to securing a solid corporate insurance program for your organization, there are five things your company can do to overcome these security risks with BYOD. Jeff Stark, CPA, describes the following measures to help prevent a data security nightmare.

Identification of weaknesses and risk assessments. Sensitive data can’t be protected if it is not identified. As a result, Stark recommends that you begin by educating users on which data is confidential. It’s also important to follow up with assessments of your firm’s physical and network security. The rule of thumb is that if there is easy remote access to data storage sites from mobile devices, then effective network security is not sufficient. One measure is to ensure a password policy consisting of minimum character lengths, special characters, and changes to the password on a regular basis. Remember to have your IT department insist that employees not write down their frequently changing passwords and leave them in plain site in their workspace.

Establish levels of access. General users should not be granted access to the same areas that administrators and other higher end IT personnel have. Stark recommends that these “super-users” access a separate rights account or role for network management.

Use firewalls and encryption. Firewalls prevent unauthorized access to begin with and are a basic requirement. Network encryption adds a second layer of protection to prevent the wrong parties from accessing sensitive data.

Use offsite backup systems. Catastrophic data losses occur when in-house equipment fails or is breached. Whether it is cloud-based and/or physically located offsite, data is more adequately protected from many types of disasters as well as physical security breaches and damages.

Periodic auditing. Just because you have established data security measures, it doesn’t mean that you can now rest and let your guard down. You must carry out periodic risk assessments because of ongoing changes and upgrades in software and hardware which may change access capabilities. Stark recommends that you conduct audits at least once a year or whenever you make major change to the network.

While the BYOD concept has saved costs and facilitated a mobile workforce, it has also created a whole new set of security issues that you must address. As your organization assesses risks and establishes a solid insurance program, consider taking steps to prevent catastrophic data losses through breaches that can occur easily without a BYOD policy.

The members of TechAssure Association assist companies with insurance and risk management solutions that are unique to the technology sector. For more information on cyberliability insurance and other services, please give us a call.

by

What is Cyberliability Insurance?

A Chubb Group survey recently found that 2 in 5 companies suffered from a computer security issue in a 12-month period, with the typical data breach costing $5.5 million in organizational costs for 2011. About a quarter of the respondents expect another major incident this year. Yet, 65 percent do not have the proper cyberliability insurance to respond to their exposures. In the study it finds that the most likely reason for the omission is that most people don’t know what cyberliability is and that insurance protection exists for it. Further, most buyers don’t understand that the insurance policies vary greatly from carrier to carrier.

Cyberliability refers to the risks that your company faces from the operation of your network. The exposures include first and third party risks. It could involve risks to your company when information is compromised. or it may involve a virus entering your system and destroying your product data, a hacker stealing the customer credit card numbers stored in your database. It could also include a third party suing you for inadvertently putting a copyrighted picture on your website without permission.

When such incidents happen, at the very least, you’ll spend time and money to restore information, eliminate the threat, and perhaps, deal with any public relations fallout. Your company may also need to compensate third parties for any damages they suffered because of your computer problems.

Although specific policies differ, your traditional business insurance does not generally cover cyberliability. The and legislation to deal with computer security is rapidly changing and still evolving. You need a policy that specifically addresses your cyberliability exposures.

Please contact a TechAssure member to learn more about the insurance and risk management options available to your firm.

by

Reducing Your Cyberliability Risk

Cyberliability is a term used to describe how much damage will be done if your company experiences a data leak. Handling private data, as every modern business does, puts you at risk for having it lost or stolen which in turn could leave you facing some very costly lawsuits. Fortunately, there are some relatively easy steps you can take to reduce your cyberliability exposures.

Don’t carry vital data around with you. Mobile devices are great for efficiency. You can look over reports or check your email almost anywhere you go. The down side is that any vital data you carry on these devices becomes a cyberliability risk. It’s too easy to lose or have a smart phone, laptop, or tablet, stolen, then all that data is there for everyone to see. A great alternative is cloud storage. It allows you to access data online without ever downloading it. You log on with a password, use the data, and log off. Nothing is stored so if your device goes missing, the data doesn’t go with it.

Password protection and firewalls are great ways to protect data, but sometimes they are not enough. If a hacker gets through these, you need data encryption as a last line of defense. When you encrypt all your data, even if someone does hack into your system and steal it, they can’t use it.

Strict password policies are something most staff members hate. Coming up with new passwords every month can be irritating and difficult. If you really want to reduce your cyber liability risk this is a vital tool to use. Do not use one password for all your personal and business accounts. All it will take is for a hacker to gain access to one of those accounts, then all of your company data is in jeopardy. It may seem like a pain and it will upset your staff, but a strict password policy will save you a lot of money in the long run.

To discover other ways in which we can help you protect your organization from cyberliability risks, please give us a call.

by

Risk Management Trends and Observations for GPS Manufacturing

During 2012, the search and navigation manufacturing sector continued to see growth.

In order to succeed in 2013, the industry must get better at managing its many business challenges. This includes their dependence on federal budgets and their ability to continue to develop new products at a rapid pace.

Acquiring and retaining talent and managing intellectual property risks will be increasingly important in 2013. With the erosion of the GPS market, M&As are likely to be an avenue to help firms lower their manufacturing costs and expand their engineering services and quality. The market is well positioned to support export business, while businesses seek new ways to use the technology.

The firms that can take the flip side of “risk” and turn it into “opportunity” are those that can make the most of developing a strong international strategy and create a robust platform for innovation.

TechAssure members know that a successful insurance and risk management program addresses general business risks as well as risks associated with your industry and risks specific to your company.

Give a TechAssure member a call to find out more about our insurance products and risk management solutions.

by

Risk Management Trends and Observations for Semiconductor and Electronic Component Manufacturing

During 2012, the semiconductor industry managed some improvements in what turned out to be a challenging economic year.

In order to succeed and continue growing in 2013, the industry must get better at managing all its business challenges. This includes becoming more competitive with foreign firms, continuing to manage product obsolescence, finding alternatives to requirements for heavy capital investments and better managing the concentration of customer risk.

With outsourced manufacturing and collaboration in manufacturing, the semiconductor firms of 2013 will be more focused on insurance and risk management concerns surrounding supply chain and sole suppliers. In addition, reducing foreign currency risk and promoting favorable legislation and regulation will be of vital importance.

The firms that can take the flip side of “risk” and turn it into “opportunity” are those that can make the most of collaborative partnerships while developing new technology and products.

TechAssure members know that a successful insurance and risk management program addresses general business risks as well as risks associated with your industry and risks specific to your company.

Give a TechAssure member a call to find out more about our insurance products and risk management solutions.

by

Risk Management Trends and Observations for Wireless Telecommunications Manufacturing

2012 was indeed a challenging year for the wireless manufacturing industry. Apple led the way in the industry. Demand was driven by consumers that wanted more. While the industry continues to be bright in selected areas, the industry was not without its challenges.

In order to succeed in 2013 and beyond, the industry must get better at managing its business challenges. These challenges include the rapid change of technology, dependence on large corporate customers, their ability to negotiate exclusive contracts where possible and management of the supply chain.

But the firms that can take the flip side of “risk” and turn it into “opportunity” are those that can innovate new ways to evolve their network infrastructure and better serve the customer that needs a variety of connectivity solutions. They also must get in front of the risks associated with deregulation and intellectual property protection and grab the reins of opportunity in cloud computing.

TechAssure members know that a successful insurance and risk management program addresses general business risks, as well as risks associated with your industry and risks specific to your company.

Give a TechAssure member a call to find out more about our insurance products and risk management solutions.