Why You Should Be Benchmarking (and How Hierl Can Help)

As an employer, you have more than likely heard the term ‘benchmarking’ thrown around. It is becoming a critical tool in the development of competitive benefits programs, often helping drive down costs. At Hierl, we are strong advocates for benchmarking. Why? We believe good business decisions can only be made with accurate, meaningful information. Benchmarking is a fantastic way for us – and you – to measure where you stand in all aspects of your benefits against your industry’s standards and competitors. That’s why, in this installment of CenterStage, we interviewed our Executive Vice President, Scott Smeaton.

From an Employer's Eyes - The 3 Scenarios

“When we meet with a business that has not done benchmarking, we are sure to complete that process for them, showing them where they stand in their marketplace,” explained Scott. He emphasized that there are three scenarios that can happen once great advisors, such as those at Hierl, step in and get those results for the employer:

(1)The employer sees that everything around them has changed, they haven’t kept up with the times, and they’ve left money on the table.

(2)The employer is having a difficult time attracting and retaining key employees. With benchmarking, they can view where they should enhance their benefits to be more competitive in their marketplace.

With unemployment as low as it is, many businesses we meet with come from a third, different mindset:

(3) They want to look at their benefits from a total reward or total compensation strategy, where the benefits and the costs of providing benefits become part of a larger picture – time off, vacation, wages, etc.

These three approaches to benefits strategy are why, at Hierl, we strive to blend any and all concerns into a benefits plan strategically designed to get our clients where they need to be to compete for labor. “With a recent client of ours, they were specific about wanting their plans to be in the top 25% of all the plans out there – from a plan design perspective and from a premium cost-share perspective. Using benchmark, we were able to illustrate to this client what they needed to do to accomplish that goal specific to their industry and geographic location,” Scott explained. Benchmark is a powerful tool that can be in any employer’s toolbox, if only you partner with someone like Hierl.

He continued, “When we do our clients’ benchmarks, we take the results further than simply a generic comparison against their competitors. We look at our clients’ specific plan designs, analyzing their deductibles, their coinsurance, their out-of-pocket maximums, their prescription drug copays, and other specifics, as well as how much of the premium the employees must pay out of their paycheck to have coverage. We break down each into five competitive areas: national, regional, state, industry, and employers of similar size.”

Addressing Employers’ Fear of Cost

Some employers may not want to see the results because their current offering isn’t competitive, and it would cost money to adjust their programs to be closer to market. If getting closer to market to compete for labor is their goal, we work with them to create a three- to five-year plan to get there, making incremental adjustments each year. Another common finding is that employers are paying more of the premium than their competitors. Some acknowledge that’s what they want to be doing; others appreciate the information and adjust their cost share so they can reallocate those premium dollars to other benefits, wages, or expenses. This can be an eye-opener, and they likely would not have realized the difference without doing a benchmark test.

Another benefit of benchmarking is how we use the information to educate and engage employees, helping them understand the effort their employer is making to be competitive in the market and how fortunate they are to have the benefits they do compared to others. We use the data during employee meetings to drive the point home. The response is often amazing. We’ve had employees go to their employers and thank them after the employee meetings admitting that they didn’t realize how competitive their benefits are. This also highlights that their employer cares about its employees’ needs and wishes with their benefits, helping the employer retain their key talent.

Partner with Advisors that Listen

If your benefits program isn’t up-to-par – or you’re not even sure where it stands against others in your marketplace – then benchmarking is something you should seriously consider. Even more so, partner with advisors that will want to improve employee perception of your benefits as much as you do. Everyone at Hierl is extremely passionate about helping employers – large or small – identify what it takes to build a successful employee benefits program. To do that, we use the data and listen to the direction the employer wants to go, while also keeping in mind what the employees are looking for. Something we offer to our clients is to survey not only their company through benchmark but to also survey their employees, regarding how they feel and engage with their benefits. Every other year, we go in and do this test with our clients’ employees to ensure the benefits plans we design for our clients are fully comprehensive and hitting every mark. We’re not your traditional broker. We bring tools and resources to the conversation that make a difference. We’re driven to educate and improve both the employer and employee experience, driving down the overall cost of benefits at the same time.

To learn more about Hierl’s services or to begin your benchmark process, please contact our Executive Vice President, Scott Smeaton, at 920.921.5921 or ssmeaton@hierl.com.


5 Ways to Spot a Phishing Email

Has your organization been affected by phishing attacks? One of the most common types of online threats are phishing emails. Read this blog post to learn five ways to spot a phishing email.


A phishing attack is a form of social engineering by which cybercriminals attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source, such as a business or colleague. The email might ask you to confirm personal account information such as a password or prompt you to open a malicious attachment that infects your computer with a virus or malware.

Phishing emails are one of the most common online threats, so it is important to be aware of the tell-tale signs and know what to do when you encounter them. Here are five ways to spot phishing attacks.

1. The email asks you to confirm personal information

Often an email will arrive in your inbox that looks very authentic. Whether this email matches the style used by your company or that of an external business such as a bank, hackers can go to painstaking lengths to ensure that it imitates the real thing. However, when this authentic-looking email makes requests that you wouldn’t normally expect, it’s often a strong giveaway that it’s not from a trusted source after all.

Keep an eye out for emails requesting you to confirm personal information that you would never usually provide, such as banking details or login credentials. Do not reply or click any links and if you think there’s a possibility that the email is genuine, you should search online and contact the organization directly  – do not use any communication method provided in the email.

2. The web and email addresses do not look genuine

It is often the case that a phishing email will come from an address that appears to be genuine. Criminals aim to trick recipients by including the name of a legitimate company within the structure of email and web addresses. If you only glance at these details they can look very real but if you take a moment to actually examine the email address you may find that it’s a bogus variation intended to appear authentic ‒ for example: @mail.airbnb.work as opposed to @Airbnb.com

Malicious links can also be concealed with the body of email text, often alongside genuine ones.  Before clicking on links, hover over and inspect each one first.

3. It’s poorly written

It is amazing how often you can spot a phishing email simply by the poor language used in the body of the message. Read the email and check for spelling and grammatical mistakes, as well as strange turns of phrase. Emails from legitimate companies will have been constructed by professional writers and exhaustively checked for spelling, grammar and legality errors. If you have received an unexpected email from a company, and it is riddled with mistakes, this can be a strong indicator it is actually a phish.

Interestingly, there is even the suggestion that scam emails are deliberately poorly written to ensure that they only trick the most gullible targets.

4. There’s a suspicious attachment

Alarm bells should be ringing if you receive an email from a company out of the blue that contains an attachment, especially if it relates to something unexpected. The attachment could contain a malicious URL or trojan, leading to the installation of a virus or malware on your PC or network. Even if you think an attachment is genuine, it’s good practice to always scan it first using antivirus software.

5. The message is designed to make you panic

It is common for phishing emails to instill panic in the recipient. The email may claim that your account may have been compromised and the only way to verify it is to enter your login details. Alternatively, the email might state that your account will be closed if you do not act immediately. Ensure that you take the time to really think about whether an email is asking something reasonable of you. If you’re unsure, contact the company through other methods.

Ultimately, being cautious with emails can’t hurt. Always remember this top STOP. THINK. CONNECT.™ tip:

When in doubt, throw it out: Links in emails, social media posts and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.

SOURCE: James, M. (22 August 2018) "5 Ways to Spot a Phishing Email" (Web Blog Post). Retrieved from https://staysafeonline.org/blog/5-ways-spot-phishing-emails/


What's in a Password?

What's in a Password?

Most websites and services encrypt passwords before storing them on their servers. As a result, even if hackers were to gain access to the password, they wouldn’t have access to the actual text that makes up your password.

Once criminals gain access to an encrypted password, they can use sophisticated programs to quickly guess every combination of letters, numbers and symbols until your password is cracked. As a result, longer passwords and those that contain a large variety of characters will be very difficult for programs to guess.

However, just because effective passwords should be complex, doesn’t mean that they should be difficult to remember.

The next time you need to think of a unique password, try using a favorite song lyric or quote. This will make a password that’s long and difficult for hackers to crack, and has the added benefit of being very memorable.

Turning a simple phrase like “your guess is as good as mine” into “yourguessisasgoodasmine” actually makes for a strong, and in this case ironic, password! However, be sure to add a capital letter or special character as well to make your password that much stronger.

A Balancing Act Between Memorable and Complex

Thinking of a new password can be frustrating—every service and website seems to have different requirements about length, complexity and special characters. In order to secure yourself against hackers, it’s important to think of a password that’s both memorable and complex.

Helpful Hints

Your password will only remain secure if you take steps to protect it. Be sure to never write your password down and leave it where someone can see it. Instead, consider using a password management tool. These online services will store all of your login IDs and passwords for you, but you should do some research and make sure that the service you use is reputable.

Provided by: Hierl's Property & Casualty Experts

Download the PDF.

What are the 25 most commonly stolen passwords?

Download the PDF.

Construction Risk Advisor - October 2018

Preparing for Hurricane Season: 5 Tips for Contractors

The 2018 hurricane season is here, and it’s time for contractors to prepare for emergency weather situations that can not only disrupt current projects, but also hamper recovery efforts. Heavy rain and winds, surges in demand for labor and materials, and job site hazards in storm-damaged areas can create dangerous and expensive risks for contractors.

Minimize your risks during hurricane season with these five tips:

  1. Identify the potential for flooding. Take steps to prevent on-site flooding, including installing drainage systems, moving large equipment and waiting to install finished products until the building is watertight.
  2. Protect your cranes. Lower any cranes before weather events, if possible. Consult with the manufacturer or a professional engineer regarding how to best lower and secure cranes.
  3. Create an employee communications plan. Devise an action plan with a list of contact information and a log of on-site workers so you can account for everyone if a storm hits.
  4. Check your business continuity plan. Make sure employees understand their roles, and regularly review, update and test your continuity plan for business disruption.
  5. Review your insurance coverage. Work with your insurance carrier or broker to make sure your business is adequately protected.

Assess whether a project will be affected by hurricane season, and weigh the risks before agreeing to a contract. Consider whether or not you have enough qualified staff to handle the work post-storm, as well as the materials needed to complete the job, so you’re prepared in case of supply shortages.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter.


Safety Focused Newsletter - October 2018

Avoid Getting Sick at Work

It can be difficult to avoid getting sick at work, particularly if you work in close quarters. While you may not be able to avoid germs altogether, the following tips can help reduce your risk of getting sick:

  • Wash your hands. Germs can cling to many surfaces in the workplace, including elevator buttons, doorknobs and refrigerator doors. To protect yourself from illness, it’s important to wash your hands regularly, especially before you eat or after you cough, sneeze or use the restroom.
  • Keep your distance. Illnesses like the cold or flu can spread even if you aren’t in close contact with someone. In fact, experts say that the flu can spread to another person as far away as 6 feet. If you notice a co-worker is sick, it’s best to keep your distance.
  • Get a flu shot. Yearly flu shots are the single best way to prevent getting sick. Contrary to popular belief, flu vaccines cannot cause the flu, though side effects may occur. Often, these side effects are minor and may include congestion, coughs, headaches, abdominal pain and wheezing.

In addition to the above, it may be a good idea to avoid sharing phones, computers and food with your co-workers during flu season. Together, these strategies should help you stay healthy at work.

Parking Lot Safety Tips

Parking lots are common hazards for drivers and vehicles alike. Slips, falls, auto accidents, theft, harassment and assaults are just some of the risks individuals face while using parking lots.

Even the parking lots and garages at your place of employment can be dangerous. Thankfully, there are simple and effective precautions drivers can take to protect themselves and their vehicles:

  • Park in a well-lit area, preferably one with surveillance cameras and security patrol services.
  • Avoid parking near shrubbery or other areas that could conceal attackers.

  • Park as close to an exit as possible when using garages.
  • Lock your doors when leaving your vehicle.
  • Remain vigilant, and notify security or the authorities if you notice any suspicious behavior.
  • Lock all of your valuable items in your trunk and out of sight. Avoid leaving purses or wallets in your vehicle.
  • Walk confidently when leaving or returning to your vehicle. If you notice a potential threat, proceed to a safe place, like a public building or store.
  • Use the buddy system, and walk to your car with a co-worker.
  • Have your car keys ready when you near your vehicle.

Staying safe can be easy as long as you’re cautious and mindful of your surroundings.

Avoid Slips and Falls in Parking Lots:

Watch Out for Uneven Surfaces, Curbs and Potholes.

Beware of Ice During Colder Months.

Stay in Well-Lit Areas.

Walk, Don't Run.

Illnesses like colds or the flu can spread even if you aren’t in close contact with someone.

Download the Newsletter

A monthly safety newsletter from


Trucking Risk Advisor - May 2018

ELD Enforcement Contributes to Rising Freight Rates

Electronic logging device (ELD) enforcement has contributed to rapidly growing freight rates, according to a report from transportation information firm DAT Solutions. The firm found that 3 percent of surveyed truckers planned to retire instead of comply with the ELD rule, which was a large factor in a 7 percent drop in year-over-year trucking capacity.

Although the ELD rule came into effect at the end of 2017, the Department of Transportation only began enforcement of the rule on April 1, 2018. ELDs automatically track a driver’s compliance with federal hours-of-service limits, and drivers who don’t use the devices must stop driving until one is installed.

While freight rates in April are generally lower following the end of the first quarter, DAT Solutions’ report found that rates have increased as motor carriers struggle to account for a shortage of skilled drivers.

Call us at 920-921-5921 for more information on trends in the trucking industry.

New Technology May Replace Mirrors With Camera-based Systems

Although sideview mirrors allow drivers to stay aware of surrounding traffic, the large devices offer limited viewing angles and create drag that lowers fuel economy. As a result, some technology companies are advocating for the use of camera-based systems to improve safety and lower operating costs.

Prototype camera systems feature multiple, internally wired cameras that provide drivers with multiple views of adjacent lanes, the blind spot in front of a truck’s hood and the ground on each side of the vehicle. The cameras themselves also include a number of safety features:

  • Redundant systems to reduce the chances of a malfunction
  • Low-light visibility options
  • Heated glass to prevent the buildup of ice and frost
  • Special coatings that resist rain and moisture

Camera systems can improve a heavy-duty truck’s fuel economy by approximately 2.5 percent and lead to over $1,300 in annual fuel savings. The systems can also lead to savings by reducing crashes, as traditional mirrors are limited by large blind spots, glares, night visibility and adverse weather.

The FMCSA is currently accepting public comments on an exemption for the MirrorEye camera system, which has been used in Europe since 2016. For more information, visit the FMCSA’s notice in the Federal Register.


Construction Risk Advisor: September 2018

Industry Overspending $177 Billion Per Year

The average time construction professionals in the U.S. spend on avoidable issues like conflict resolution, rework and looking for project data costs the industry over $177 billion annually, according to a new report.

The participants surveyed for the report said they spend 65 percent of their time on “optimal” activities like communicating with stakeholders and optimizing resources that keep projects on track. They spend the remaining 35 percent of their time on “nonoptimal” tasks like hunting down project information, resolving conflicts and dealing with mistakes that require rework. That amounts to almost two full working days lost per person each week.

Some of the reasons for the nonoptimal costs include poor communication, constrained access to data, incorrect data and the lack of an easy way to share data with stakeholders. Another possible reason is that more than 80 percent of the survey’s respondents said they don’t use mobile devices to collaborate and access project data, despite the fact that mobile devices could help them work more efficiently.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter

States Say Contractors Must Guarantee Wages

Maryland’s General Contractor Liability for Unpaid Wages Act becomes effective on Oct. 1, making private contractors for prime construction projects in the state financially responsible for unpaid wages of subcontractor employees. And unless the reason for nonpayment is related to a legitimate dispute, general contractors could be held responsible for up to three times the amount owed, plus attorney fees.

California and Oregon also enacted similar laws earlier this year. In California, general contractors are now liable for the unpaid wages of any employee who furnishes labor to or through them, plus unpaid benefits and interest.

Oregon’s wage protection law creates liability for the general contractor only if the worker’s subcontractor employer has not yet been paid in full.

Mitigating The Risk

In order to reduce the risk of general contractors having to pay their subcontractors’ employee wages, some industry experts are recommending that subcontractors provide their own payment bonds.

Opponents of the recent laws argue that it could be difficult for subcontractors on rocky financial ground to meet bond underwriting requirements. And since large projects could require several new bonds per job, overall project costs could increase significantly. Plus, if subcontractors don’t pay up, prime contractors will have to pay twice for the same labor.


Agriculture Risk Advisor: September/October 2018

3 Tips For Hiring Farm Labor

With some farmers struggling to find reliable farm labor, it is important to invest some thought in the hiring process. Here are some tips for finding the right help:

  1. Examine your needs. You might have a general idea in your head of what work needs to be done, but it’s best to be specific. Narrow down broad processes into specific jobs so you can determine how much help you truly need.
  2. Think about desired traits. Do you need someone to fill a temporary need, or are you hoping that person can go on to fill a managerial role? You’ll have to determine whether people skills are more important than manual labor or machinery skills, and list those traits in your job description.
  3. Consider hiring for a trial period. If you’re hesitant about a candidate but need immediate help, consider hiring them for a short-term trial period. This saves you from high employee turnover while buying you time to recognize your needs. It allows both you and the worker to communicate any frustrations and expectations after the trial period before considering whether the working relationship is worth investing in long term.

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter

Rise Of Robotics In Farming

Producers are increasingly considering using farming robots to replace human workers who either can’t or aren’t interested in picking crops. Agriculture is a prime market for robotics since it is less regulated than other industries.

Robots Needed To Fill Unwanted Jobs

Farming’s labor crunch is a global problem, and industry experts expect things to get worse in the years to come. Produce growers are struggling to man the fields, and higher wages aren’t persuading people to perform the physically demanding tasks.

According to the Department of Labor, the 2017 median pay for an agricultural worker was $11.41 per hour. In California, farm wages can top $20 per hour. But this is still not enough to attract laborers at a sufficient level.

Advances In Farming Technology

Driscoll’s, one of America’s largest produce distributors, has been testing a robot made by Harvest CROO Robotics, a Florida-based startup. The robot is capable of covering 8 acres in a single day and replacing a team of more than 30 human pickers.

Another emerging farming technology is a “no-touch” vineyard developed by researchers at UC Davis, which waters vines and picks fruit while improving yields, quality and costs. It costs about 7 cents in labor per vine to manage the touchless vineyard, compared to $1 per vine in a conventional vineyard.

Although robotics isn’t expected to steal all of the farming labor jobs, experts believe it could still be a disruptive technology, requiring a change in the way traditional growers operate.


Cyber Risks & Liabilities: September/October 2018

In this Issue

Who’s to Blame if a Security Breach Affects Your Organization?

A recent survey found that 70 percent of consumers expect businesses to take responsibility in the event of a data breach. But who within your organization should take the heat?

Acronyms All Businesses Need to Know

As cyber security evolves, it’s easy to become overwhelmed with all the terms and acronyms used. This article lists some of the most common acronyms in cyber security.

Increase in Attacks Against 911 Call Centers Highlight Need for New System

There have been 184 cyber attacks on public safety agencies and local governments since 2016, and 42 of those attacks targeted 911 call centers

Who’s to Blame if a Security Breach Affects Your Organization?

If a security breach affects your organization, your main focus may be to solve the problem as quickly as you can, not point the finger in blame. But your customers want to know why it happened and who was responsible, even if the breach occurred because of their own lax security measures (e.g., sharing passwords or opening suspicious emails). In fact, a recent survey found that 70 percent of consumers expect businesses to take responsibility in the event of a data breach. But who within your organization should take the heat?

The CEO

If an organization doesn’t budget enough for security solutions, the fault will likely be placed on whoever makes the financial decisions, stemming from the CEO. In fact, 29 percent of IT decision-makers who took part in a recent VMware survey thought that the CEO should be held responsible in the event of a large-scale data breach.

The CISO

If a data breach occurs even after your company adequately budgets for cyber security solutions, 21 percent of IT security professionals surveyed would still hold your CISO accountable in the event of a data breach.

IT Personnel

According to a 2014 report, 95 percent of cyber security incidents are due to human error. That’s why personnel who manage IT security on a regular basis are easy targets for blame.

Other Employees

While accountability may start with the CEO and board of directors, everyone in your organization should take responsibility for cyber security. Even if you have the most modern cyber security technology, its return on investment will be nonexistent without full employee participation

Increase in Attacks Against 911 Call Centers Highlight Need for New System

There have been 184 cyber attacks on public safety agencies and local governments since 2016, and 42 of those attacks targeted 911 call centers, according to cyber security firm SecuLore Solutions.

Over half of the attacks involved ransomware, in which hackers used a virus to control the emergency systems and hold them hostage for payment. Most of the remaining attacks were denial-of-service attacks, which involved a flood of fake calls that prevented call centers from addressing valid emergency calls.

Due to the vulnerabilities in the current 911 system and the fact that it doesn’t address the ways people communicate in the modern world—such as through texts—the emergency response industry is encouraging state and local governments to adopt a system called Next Generation 911.

The Next Generation 911 system will have advanced security and be able to seamlessly move incoming calls to other centers when needed. The new system also gives callers the choice of calling from a phone line or sending data through approved telecommunications carriers and internet service providers.

Next Generation 911 is expensive, however, and governments have been slow to adopt it. Plus, its increased connectivity also opens new potential means of attack, according to industry experts. Sophisticated defense systems run by in-house cyber security teams will be vital as the emergency response industry adopts any new technology.

Acronyms All Businesses Need to Know

Newsletter Provided by: Hierl's Property & Casualty Experts

Download the Newsletter