Close

(704) 728-7232 info@techassure.com

Tag Archive for: Data Breach

by

Cyber Insurance: Not just for consumer-facing businesses

Post originally published by TechAssure-member: Plexus Groupe

The wide range of cyber risk faced by businesses continues to be in the news.

In a story published recently, The Wall Street Journal reported that a growing number of manufacturers have begun to secure cyber insurance.

According to the Journal, manufacturers paid about $37 million in cyber coverage premiums last year, per data from Advisen, an increase of 89 percent from 2015. Also, per BusinessInsurance.com, cyber threats were a top concern of more than 90 percent of the top 100 publically traded manufacturing firms in 2016, according to findings from accounting firm BDO USA LLP.
Read More

by

Top Five Causes of Data Breaches and Why Firms Should Buy Cyberliability

Because of advances in technology, companies have been able to grow and expand like never before. On the downside, cyber threats lurk around every corner, from hackers corrupting systems and networks to criminals attempting data breaches.

Because of the nature of their business, technology companies are at an increased risk to these types of threats. Here are some of the top causes of data breach and what steps you can take to ensure your company’s information is safe.

  1. Credential Theft: Hacking puts all of your sensitive information at the fingertips of individuals trying to steal your company’s most important information. In a recent study, 76% of data breaches occurred because of weak credentials. Password protection is essential to preventing hackers from entering your company’s networking systems.
  2. Application Vulnerability: Hackers use back doors and SQL injection accounts for almost half of all data breaches. Web applications are most vulnerable to this type of attack.
  3. Data on the Move: This type of breach involves stolen or lost-in-transit devices such as laptops, storage devices, hard copy reports, and hand-held devices. Securing these items during travel can help ensure that your sensitive information does not fall into the wrong hands.
  4. Insider Breach: This type of security threat involves insider attacks. Employees who can access company information can easily transfer firm financials, passwords, network and security access, etc. When employees go rogue, it is important to have a secure plan in place to prevent loss of data or worse.
  5. Employee Error: Employee negligence can inadvertently expose your firm to data breach. Some of these instances may be unpreventable, but it is important to educate your employees on how they can prevent data breach by following certain system protocols and implementing criteria each day that can help close the gap.

Maintaining a comprehensive cyberliability insurance and risk management program can ensure that your information is protected and that you will have a plan of action for managing the aftermath. Protect yourself and your firm’s credibility with an insurance policy custom tailored to your specific requirements. A TechAssure Association member can help you customize a cyberliability program around your unique risk profile. Please contact us for more information.

by

5 Ways BYOD Policies Can Increase Data Breach Vulnerability

If you are responsible for managing risks in your organization, you know that any unforeseen incident can endanger the assets and earning capacity of a business. While it’s clearly important to have a solid insurance program in place, having a comprehensive risk control plan in place is equally important.

As the concept of Bring Your Device (BYOD) enjoys growing popularity amongst businesses, many employees are celebrating their newfound freedom of accessing data on the go beyond the confines of the cubicle. By using the BYOD concept, companies are enjoying reduced costs in the form of decreased expensive hardware configurations and are seeing the benefits of having a growing mobile workforce. However, what these firms did not anticipate was the growing possibility of data security breaches.

Hackers can breach company networks using linked applications, such as a company’s email account to access, extract and erase sensitive data. By accessing social media and personal email accounts, hackers easily obtain the information they need to wreak havoc.

In addition to securing a solid corporate insurance program for your organization, there are five things your company can do to overcome these security risks with BYOD. Jeff Stark, CPA, describes the following measures to help prevent a data security nightmare.

Identification of weaknesses and risk assessments. Sensitive data can’t be protected if it is not identified. As a result, Stark recommends that you begin by educating users on which data is confidential. It’s also important to follow up with assessments of your firm’s physical and network security. The rule of thumb is that if there is easy remote access to data storage sites from mobile devices, then effective network security is not sufficient. One measure is to ensure a password policy consisting of minimum character lengths, special characters, and changes to the password on a regular basis. Remember to have your IT department insist that employees not write down their frequently changing passwords and leave them in plain site in their workspace.

Establish levels of access. General users should not be granted access to the same areas that administrators and other higher end IT personnel have. Stark recommends that these “super-users” access a separate rights account or role for network management.

Use firewalls and encryption. Firewalls prevent unauthorized access to begin with and are a basic requirement. Network encryption adds a second layer of protection to prevent the wrong parties from accessing sensitive data.

Use offsite backup systems. Catastrophic data losses occur when in-house equipment fails or is breached. Whether it is cloud-based and/or physically located offsite, data is more adequately protected from many types of disasters as well as physical security breaches and damages.

Periodic auditing. Just because you have established data security measures, it doesn’t mean that you can now rest and let your guard down. You must carry out periodic risk assessments because of ongoing changes and upgrades in software and hardware which may change access capabilities. Stark recommends that you conduct audits at least once a year or whenever you make major change to the network.

While the BYOD concept has saved costs and facilitated a mobile workforce, it has also created a whole new set of security issues that you must address. As your organization assesses risks and establishes a solid insurance program, consider taking steps to prevent catastrophic data losses through breaches that can occur easily without a BYOD policy.

The members of TechAssure Association assist companies with insurance and risk management solutions that are unique to the technology sector. For more information on cyberliability insurance and other services, please give us a call.