It's been said nearly every two seconds a new malicious URL is created for use in a cyber attack. Statistics like these should give pause, knowing your agency’s data is constantly vulnerable to such risks. In this guide, we’ll give you the tools and information you need to defend against cyber threats. We start with some of the most recent tactics, so you and your staff can be alert for suspicious happenings. Next, we look at how to inform and protect your clients and staff. Finally, we explore how to keep your data secure in the power of the cloud.
2. 2
IT’S BEEN SAID NEARLY EVERY TWO SECONDS a new malicious URL is
created for use in a cyber attack. Statistics like these should give pause, knowing
your agency’s data is constantly vulnerable to such risks.
In this guide, we’ll give you the tools and information you need to defend against
cyber threats. We start with some of the most recent tactics, so you and your staff
can be alert for suspicious happenings. Next, we look at how to inform and protect
your clients and staff. Finally, we explore how to keep your data secure in the
power of the cloud.
Nearly every
two seconds a
new malicious
URL is created
4. 4
Identifying
Common Threats
1. SPEARPHISHING
A targeted form of phishing. The sender poses as an acquaintance
and uses a ruse to ask for a password or login name. The attacker
then uses that password to hack online shopping accounts.
2. RANSOMWARE
Malware that holds devices hostage through downloads and file
transfers. Download comes from a fraudulent email or a phony
website. Once downloaded, the attacker (who may pose as local law
enforcement) demands payment of a fine. Devices stay locked up till
you pay.
3. TYPOSQUATTING
These website URLs are common mistypes of popular sites (i.e.
“Yhaoo” for “Yahoo”). Once on the site, users may think it legitimate
and download dangerous malware.
Latest Cyber Attack Trends
Spearphishing
Ransomware
Typosquatting
All three are preventable! Being
careful about what you post, when
you open emails, and where you
visit helps keep your data safe.
5. 5
Staying
Protected
Educate employees on common threats and create regulations to
protect against them. Encourage them to watch emails closely, reporting
and deleting any that seem suspicious.
Use encryption on emails, especially those with attachments.
Create agency regulations around data security. Require strong passwords,
limit access to sensitive data, and control application downloads.
Protect and back up agency data in an offsite, secure server. Utilize cloud
services with redundant backups, keeping data protected and constantly
monitored.
Make a plan for handling cyber-attacks. Include where data is stored, how
to access it during an attack, and the process of system recovery.
“Create Regulations”
Partner XE users can
access policy templates
via the “security” section
in PartnerNet
6. 6
Informing Your
Network
Protecting Clients
1. EDUCATE clients on threats via enews, blog posts, etc.
2. INFORM about the ways your agency keeps personal
data secure (i.e cloud security and encrypted messaging)
3. NOTIFY clients immediately in the event of a security
breach. Be honest about what happened (and didn’t!)
and your next steps
4. CONNECT with clients who suspect threats. Grant
access to your agents via online chats, emails, social
media, etc. to make your agency accessible and build
trust
Don’t wait until it’s too late to
talk about data security. It’s
important to be upfront with
your clients to build a sense
of trust and security.
7. 7
Informing Your
Network
Protecting Employees
1. ENCOURAGE transparency about data breaches and
security issues. Impress upon employees the importance
of sharing information in order to prevent further damage
2. TRAIN employees on how to spot common threats and
what to do to prevent them
3. EQUIP staff with the tools to keep data protected, such
as anti-virus and data encryption software
Spotting Threats
n Request for personal info
(date of birth, account number, etc.)
n Call for program download
n Pop-up fake virus messages
n “Check Out” or “Click Here” email subjects
(i.e. “Check Out This Cool Photo!”)
n Unfamiliar email addresses
(i.e. @windstair.ie.co)
8. 8
Utilizing
the Cloud
Cloud storage is quickly becoming the best bet for data security. No
matter how much you focus on security, your cloud provider is always doing
more. In the cloud you’ll find:
1. Encryption is standard
2. Access is limited and data is closely monitored
3. Location is secure, keeping data safe from natural disasters such as
hurricanes, floods, and wildfires
4. Updates are automatic
5. Vigilance is constant
The potential damages associated with cybercrime outweigh the costs
associated with establishing these extra security measures. By implementing
these recommended security tips, your agency can take a big step in
preventing a cyber-attack, saving you from being the next target.
Multi-character,
complex passwords
secure your data in
the cloud.
Saves you worry
about whether or
not your latest data
addition is protected
9. 9
4181 Arlingate Plaza, Columbus, Ohio 43228 | 800.747.9273 | www.sisware.com
About
Partner XE
Supporting downloads from nearly 300 carriers, real time
interaction, integrated agency accounting, and much more,
Partner XE is a full-featured agency management system at
an affordable cost for the independent insurance agency. For
more information, please visit www.sisware.com