See original article here: http://www.employeebenefitadviser.com/opinion/6-tips-for-advisers-to-keep-data-secure
By: Mike de Waal, Employee Benefit Adviser
Technology is something of a double-edged sword for insurance brokers. It provides us with the perfect tools to offer accurate field underwriting, efficient claims and policy processing, thorough record-keeping and faster policy issue, but that’s just one side of the story.
On the other side — the darker, far-uglier underside — technology has opened us up to liabilities and compliance nightmares through data breaches, hackers and other cyber security risks.
While these cybersecurity threats should keep brokers on their toes, they don’t have to transform you into a tech-fearing Luddite. Here are six tips to help you avoid cybersecurity threats while still embracing technology:
1) Stay aware of the threats. From Trojans to worms, viruses to hackers, disgruntled employees to simple mistakes, potential data breaches lurk around every corner. You can stay aware of the changing threat environment and protect yourself with a system such as McAfee or AVG, but you also need to occasionally read tech blogs to understand what new threats are emerging.
2) Control your user permissions. With employees coming and going, people working remotely, and more smartphones accessing company networks, it’s more important than ever to tightly control user permissions within your brokerage. Limit the access offsite employees have and make sure to revoke unnecessary permissions when employees leave or change positions. Software such as Varonis can assist you.
3) Update passwords regularly and frequently. One of the easiest ways for a hacker to breach your system is by cracking your password — which is increasingly easy to do when the most popular passwords include “password” and “123456.” Make sure you and each of your employees changes passwords several times a year. You can use programs such as Dashlane Business to manage passwords, generate unique passwords, and create two-factor sign-in authentication for device access.
4) Stay safe in the cloud. Brokers are increasingly relying on cloud-based data storage solutions, but not every cloud is created equal. Make sure the clouds you use have features such as encryption when files are being transferred as well as when they’re not. Secure clouds use data file “sharding” — a process in which data is broken up into several different portions, each of which is encrypted separately.
5) Create a post-breach action plan. None of us ever intends to be breached, but even if we do all we can to avoid it we could still become victims. If we do, we need to act quickly. That’s why it’s good to have a post-breach action plan as part of your general disaster planning.
6) Choose the right collaborative software. Whether you have employees working remotely or you have online meetings and webinars, you need to choose collaborative software that minimizes your risk of data breach. Choose tools that encrypt messages and have two-factor authentication at sign-in. There are many options, including HighQ and Syncplicity.