×
OSHA to Continue in 2019

Take the Mini-Compliance Test to see how you score

Download Here
SEARCH
×

CyberRisk part-2 of part-2

footerpnglogo 300x101 OSHAs Colorados  Emphasis Program

Michael Graham
President
Automotive Aftermarket Specialties
michael@autorisk.org

michael graham1 150x150 OSHAs Colorados  Emphasis Program
homeicon OSHAs Colorados  Emphasis Program businessprofileicon OSHAs Colorados  Emphasis Program facebookicon OSHAs Colorados  Emphasis Program googleplusicon OSHAs Colorados  Emphasis Program twittericon OSHAs Colorados  Emphasis Program linkedinicon OSHAs Colorados  Emphasis Program

Cyber attack concept

Last month we discussed how cyber liability exposures are typically not included in commercial insurance programs . . . see our blog post on our website.

SO — What are Steps You can take to control Cyber Risks:

1. Invest in virus protection, malware and internet security software.The worst mistake a business can make regarding its cyber protection is not having any at all. A robust security solution is a must-have for any small business. Set up schedules for virus and malware detection software to run at regular intervals.

2. Segregate your Computers into high, medium and low security groups. Have your sensitive files and sensitive software programs, like accounts payable or accounts receivable systems on computers different from your company email accounts and mail servers.

3. Regulate employee’s use of work computers. Data breaches often occur when employee’s unknowingly download viruses or install unauthorized software. Additionally, check your employee’s password strength or set rules in your software to require certain strength passwords and require new passwords a frequency like 30, 60 or 90 day intervals..Also set “Automatic Update” preferences to update employee used software automatically.

4. Screen your vendors closely. If you provide your vendors or any third-party services with access to confidential data, research their policies carefully to make sure that they comply with security best practices. Even if a vendor causes a data breach, customers are still likely to blame your company if they provided you with their information.

5. Destroy before disposal. Shred paper files with private information you no longer need before disposal. Destroy disks, CDs/DVDs and other portable media before disposal. Deleting files or reformatting hard drives does not erase your data. Instead, use software designed to permanently wipe the hard drive or physically destroy the drive itself. Also, be aware of photocopy machines, as many of these scan a document before copying. Change the setting to clear data after each use.

6. Buy a Cyber insurance policy. One important non-software solution that many small businesses overlook is cyber insurance. Your general liability policy will not help you recoup losses or legal fees associated with a data breach, so a separate policy covering these types of damages can be hugely helpful in case of an attack. Small businesses often assume cyber insurance policies are only designed for large companies, because those businesses are the most frequent targets of hackers. But many insurance carriers are now offering tailor-made cyber coverage for smaller businesses to meet their budgets and risk-exposure levels.

7. Install tracking software or Lo Jack on all company issued mobile devices. Cell phones and laptops can have software installed that allows you to “Lock a Device,” “Locate a Device” or “Destroy Data” on the device if it is lost or stolen. Some software vendors even have recovery services staffed with former law enforcement personnel that will go and get.

8. Have Company “Best Practices” for subscribing to business websites, publications and have a “Password Management” program so employees can create strong group passwords for shared sites and provide access to all employees whom need access.

9. Purchase a Commercial Firewall and configure it to restrict usage. Firewalls come as either hardware or software which can be added to a network or individual machine. Hardware comes with advantages that it applies to the entire network for which devices are attached and allows the owner to configure it to restrict access to “types” of website or domains outside the united states.

10. Key software backup considerations should include: Electronic data should be automatically backed up with m ore frequent backups for systems storing critical information; backup software and applications off-site so they can be readily reloaded into replacement equipment; A copy of your organization’s web site should be maintained.

It is important that businesses understand the risks they have as well as steps they can take to reduce their exposure, including relevant statutory obligations as they choose to “self-insure” their risks or choose to purchase insurance coverage to aid in covering their risks.

1 OSHAs Colorados  Emphasis Program 2 OSHAs Colorados  Emphasis Program 3 OSHAs Colorados  Emphasis Program

Comments are closed.

You have subscribed to newsletters published by AutoRisk. You can cancel your subscription at any time by clicking the "unsubscribe" link at the bottom of the newsletter. You will be getting a confirmation email shortly and need to reply to confirm your identity and subscription. If you don’t see the email in your inbox then look in your spam folder. Please click CONFRIM to accept your subscription