Marshfield Insurance Offers Protection Tips
Submitted to OnFocus – According to Stay Safe Online, millions of people are unaware of and uninformed about how their personal information is being used, collected or shared in our digital society. Data Privacy Day aims to inspire dialogue and empower individuals and companies to take action.
“At Marshfield Insurance, we work with our clients to help protect their business from cyber liability and to encourage them to protect their data,” said CEO Nick Arnoldy. “If your company handles critical assets such as customers’ personal data, intellectual property or proprietary corporate data, you are at risk of a data breach.”
“It doesn’t matter if you are a Fortune 500 company or a small ‘ma and pa’ shop—cyber thieves are always looking for their next score,” he added. “It is often assumed that smaller businesses can escape attention from cyber crooks, but according to industry experts, an increasing number of data breaches are occurring at companies with fewer than 100 employees. No company of any size is completely safe from a data breach.”
A data breach is an incident where private data is accessed and/or stolen by an unauthorized individual. Data can be stolen by a third party, such as a hacker, or by an internal actor (perhaps a disgruntled or recently fired employee).
To reduce the chance for a data breach, businesses are encouraged to develop an IT risk management plan.
“Risk management solutions should leverage industry standards and best practices to assess hazards from unauthorized access, use, disclosure, disruption, modification or destruction of your organization’s information systems,” said Arnoldy.
Businesses should consider the following when implementing risk management strategies at their organization:
- Create a formal, documented risk management plan that addresses the scope, roles, responsibilities, compliance criteria and methodology for performing cyber risk assessments. This plan should include a description of all systems used at the organization based on their function, the data stored and processed and importance to the organization.
- Review the cyber risk plan on an annual basis and update it whenever there are significant changes to your information systems, the facilities where systems are stored or other conditions that may affect the impact of risk to the organization.
“Not all companies have the resources to create and implement a fully customized plan, however, there are many simple, cost-effective steps any business can take to help prevent a data breach,” said Arnoldy.
Some of his tips include:
- Never give sensitive information like Social Security numbers or credit card numbers out over the phone unless you can verify the identity of the person on the other line.
- Shred all credit reports and other sensitive data before disposal.
- Educate employees about phishing and pharming scams. Remind them not to click on anything that looks suspicious or seems too good to be true.
- If your company doesn’t have an IT department, hire an outside company to set up the proper security measures for your computer network.
- Always monitor credit reports and other financial data for the company. If you see things that don’t belong, investigate.
- Do not allow employees to write down passwords in the office.
- Always encrypt sensitive data.
“It is common to have an ‘it will never happen to us’ philosophy when it comes to data breaches,” said Arnoldy. “Unfortunately, that thinking can lead to lax security measures and carelessness when it comes to protecting.”
Policies or endorsements can be purchased for as little as $200/year. For more information about data privacy, contact Marshfield Insurance at 715-387-4443.
We welcome your stories! Contact us at [email protected]!