Helping Your Employees Protect Against Identity Theft

Are you doing enough to help your employees protect themselves from identity theft? Make sure to take a look at this article by Irene Saccoccio from SHRM on what employers can do to protect their employees from identity theft.

Social Security is committed to securing today and tomorrow for you and your employees. Protecting your identity and information is important to us. Security is part of our name and we take that seriously.

Identity theft is when someone steals your personally identifiable information (PII) and pretends to be you. It happens to millions of Americans every year. Once identity thieves have your personal information they can open bank or credit card accounts, file taxes, or make new purchases in your name. You can help prevent identity theft by:

  • Securing your Social Security card and not carrying it in your wallet;
  • Not responding to unsolicited requests for personal information (your name, birthdate, social security number, or bank account number) by phone, mail, or online;
  • Shredding mail containing PII instead of throwing it in the trash; and
  • Reviewing your receipts. Promptly compare receipts with account statements. Watch for unauthorized transactions.

It is important that your employees take the necessary steps to protect their Social Security number. Usually, just knowing the number is enough, so it is important not to carry your Social Security card or other documents unless they are needed for a specific purpose. If someone asks for your employees’ number, they should ask why, how it will be used, and what will happen if they refuse. When hired, your employees should provide you with the correct Social Security number to ensure their records and tax information are accurate.

If your employees suspect someone else is using their Social Security number, they should visit IdentityTheft.gov to report identity theft and get a recovery plan. IdentityTheft.gov guides them through every step of the recovery process. It’s a one-stop resource managed by the Federal Trade Commission, the nation’s consumer protection agency. You can also call 1-877-IDTHEFT (1-877-438-4338); TTY 1-866-653-4261.

Your employee should also contact the Internal Revenue Service (IRS), and file an online complaint with the Internet Crime Complaint Center at www.ic3.gov.

Don’t let your employees fall victim to identity theft. Advise them to read our publication Identity Theft and Your Social Security Number or read our Frequently Asked Questions for more information. If you or an employee suspects that they’re a victim of identity theft, don’t wait, report it right away!

See the original article Here.

Source:

Saccoccio I. (2017 May ). Helping your employees protect against identity theft [Web blog post]. Retrieved from address https://blog.shrm.org/blog/helping-your-employees-protect-against-identity-theft


Is Social Media Putting Employees’ Health, Safety at Risk?

Do your employees know about all of the risks that can come from their social media? Find out how social media can affect your employee's safety and health in this article from Employee Benefit News by Jill Hazan.

The issue of personal online safety has finally crossed over into the healthcare arena — and employers need to step up and learn to best educate employees about keeping them safe.

A recent article in the Journal of the American Medical Association Pediatrics, “Parental Sharing on the Internet: Child Privacy in the Age of Social Media and the Pediatrician’s Role,” highlights how parents who post information about their children on social media put them at greater risk for identity theft. In addition, this trend toward oversharing compromises a child’s protected health information. What might happen when that child applies for a job in the future and a simple internet search reveals health information she would not want an employer to know?

While HIPAA protects the confidentiality of an individual’s medical records, it doesn’t provide comprehensive protections outside the healthcare environment. The laws around the privacy rights of children relative to their parents’ online disclosures are still evolving. The article recommends that pediatricians ask parents about their social media habits to help keep children safe and their data private. It is a natural extension that all primary care providers should be asking patients about social media behaviors, as the issues of identity theft and data privacy are relevant to children and adults alike.
This recommendation is increasingly significant from an employee benefit perspective.

So what should employers do?

Employers routinely provide healthcare benefits to employees. If health plans and physicians are acknowledging and addressing the risks of social media from a privacy and security perspective, shouldn’t employers extend that focus into the workplace? With the continued employer emphasis on wellness, it is incumbent on health plans and employers alike to educate employees on online security and the risks of identity theft.

 

There are a variety of resources and benefits that employers can access to assist employees in navigating the online world safely. A series of well-structured, engaging seminars on identity theft and online security that combine real-life stories with actionable advice are effective in educating employees and changing behaviors. Online tutorials, like those provided by the Center for Identity at the University of Texas, Austin, can guide employees on setting proper privacy settings on social media sites, such as Facebook, Twitter, LinkedIn and Pinterest.

Identity theft protection plans provide monitoring and restoration services, as well as education to help keep employees and their families secure. EAPs may provide guidance on identity theft and counseling for victims. Comprehensive legal benefit plans provide legal advice and representation for victims of identity theft. Employers may also provide employees access to online data protection tools for use at work and home with features that encrypt communication and block malware and phishing attempts.

Employees need to understand how to navigate the social media and online environment to keep their families safe. Identity theft of a family member affects more than just one person. It can register an emotional, physical and financial toll on the entire family. Employers need to structure a comprehensive approach to managing the health and wellness of employees as it relates to their online behaviors. A program with a combination of employee benefits, from healthcare to identity theft protection benefits, supplemented by onsite employee education, will support the goals of the health plan and, ultimately, the organization’s overall business objectives.

See the original article Here.

Source:

Hazan J. (2017 May 1). Is social media putting employees' health, safety at risk? [Web blog post]. Retrieved from address https://www.benefitnews.com/opinion/is-social-media-putting-employees-health-safety-at-risk?feed=00000152-18a4-d58e-ad5a-99fc032b0000


The Killjoy of Office Culture

One of the latest things trending right now in business is the importance of office culture. When everyone in the office is working well together, productivity rises and efficiency increases. Naturally, the opposite is true when employees do not work well together and the corporate culture suffers. So, what are these barriers and what can you do to avoid them?

According to an article titled, “8 ways to ruin an office culture,” in Employee Benefit News, the ways to kill corporate culture may seem intuitive, but that doesn’t mean they still don’t happen. Here’s what organizations SHOULD do to improve their corporate culture.

Provide positive employee feedback. While it’s easy to criticize, and pointing out employees’ mistakes can often help them learn to not repeat them, it’s just as important to recognize success and praise an employee for a job well done. An “attaboy/attagirl” can really boost someone’s spirits and let them know their work is appreciated.

Give credit where credit is due. If an assistant had the bright idea, if a subordinate did all the work, or if a consultant discovered the solution to a problem, then he or she should be publicly acknowledged for it. It doesn’t matter who supervised these people, to the victor go the spoils. If someone had the guts to speak up, then he or she should get the glory. Theft is wrong, and it’s just as wrong when you take someone’s idea, or hard work, and claim it as your own.

Similarly, listen to all ideas from all levels within the company. Every employee, regardless of their position on the corporate ladder, likes to feel that their contributions matter. From the C-suite, all the way down to the interns, a genuinely good idea is always worth investigating regardless of whether the person who submitted the idea has an Ivy League degree or not. Furthermore, sometimes it takes a different perspective – like one from an employee on a different management/subordinate level – to see the best way to resolve an issue.

Foster teamwork because many hands make light work. Or, as I like to say, competition breeds contempt. You compete to get your job, you compete externally against other companies, and you may even compete against your peers for an award. You shouldn’t have to compete with your own co-workers. The winner of that competition may not necessarily be the best person and it will often have negative consequences in terms of trust.

Get rid of unproductive employees. One way to stifle innovation and hurt morale is by having an employee who doesn’t do any work while everyone else is either picking up the slack, or covering for that person’s duties. Sometimes it’s necessary to prune the branches.

Let employees have their privacy – especially on social media. As long as an employee isn’t conducting personal business on company time, there shouldn’t be anything wrong with an employee updating their social media accounts when they’re “off the clock.” In addition, as long as employees aren’t divulging company secrets, or providing other corporate commentary that runs afoul of local, state, or federal laws, then there’s no reason to monitor what they post.

Promote a healthy work-life balance. Yes, employees have families, they get sick, or they just need time away from the workplace to de-stress. And while there will always be times when extra hours are needed to finish a project, it shouldn’t be standard operating procedure at a company to insist that employees sacrifice their time.

 

 


U.S Aftermath of WannaCry Ransomware Yet to be Seen

The WannaCry ransomware that has spread across 150 countries since Friday has appeared to slow down, but employees starting the workweek should be careful, as the effects in the United States are yet to be determined.

WannaCry locks users out of their computers by exploiting a vulnerability in outdated versions of Mircosoft Windows. It then demands money from users who want to regain control of their data. The ransomware initially requests around $300, and if no payment is made, threatens to double the amount after three days and delete files within seven days. Once it infects one computer, it can spread to every computer in that network within seconds.

According to Elliptic- a London startup that helps law enforcement agencies track criminals-around $50,000 worth of bitcoin payments have been made to the hackers as of Monday morning.

Countries Affected in First Few Hours of Cyber Attack

  • United States- Fedex
  • United Kingdom- The National Health Service
  • Russia- The Ministry of Internal Affairs
  • France- Renault
  • Spain- Telefonica
  • China- Universities and gas stations
  • Japan- Hitachi

Nobody knows who is behind the attack, but Europol is working on a decrypting tool. Many firms hired experts over the weekend to prevent new infections, which seems to have worked in Europe, so far.

After the initial discovery of the WannaCry ransomware, Mircosoft issued a warning to the U.S. government concerning its data-storing practices. Mircosoft claimed that the tool used in the WannaCry cyber attack was developed by the U.S. National Security Agency and was stolen by hackers. Microsoft released a Windows security update in March to tackle the problem exposed by the latest attack, but many users haven't run the update yet.

Precautions

Some experts recommend that you should not pay the ransomware if you've been hacked. Even if there is a way to determine if you've paid the ransom, there is no guarantee that the hackers will return the files to you unharmed, if returned at all. Experts also recommend you take the following precautions:

  • Update your network if you haven't yet.
  • Turn on auto-updaters, if available.
  • Don't click on links that you do not recognize.
  • Don't download files from people you don't know.
  • Back up your documents regularly.

Hierl Insurance Inc. will continue to monitor the situation. Contact us if you have any further questions regarding how you can avoid disruptive business interruptions from cyber attacks.


Don't Put Up with the Bull of Bullying

There’s no place for bullying and that’s especially true in the workplace, yet many employees bully their co-workers. So, how does this happen? It used to be that bullying was confined to the schoolyard, but now it’s spread to cyberbullying and workplace bullying. Now, if there’s a culture of bullying at an organization, often it’s repeated as people climb the corporate ladder even though they were bullied themselves when they held lower positions.

An article on the website Human Resource Executive Online titled, “How to Bully-proof the Workplace,” says that “80 percent of bullying is done by people who have a position of power over other people.” Let that number sink in. That means four out of five people in positions of power will bully their subordinates.

One possible reason for the high number is that bullying may be difficult to identify and the person doing the bullying may not even realize it. Either the bully, or the victim, could view the action as teasing, or workplace banter. However, when one person is continually picked on, then that person is being bullied. Likewise, if a manager picks on all of his or her subordinates, then that person is a bully.

It’s important for organizations to have policies in place to thwart bullying and not just for the toll it takes on employees. It also begins to affect productivity. Those being bullied often feel like their work doesn’t matter and their abilities are insufficient. Worse is that bullies tend to resent talented people as they’re perceived as a threat. So, bullies tend to manipulate opinions about that employee in order to keep them from being promoted.

Eventually, talented employees decide to work elsewhere, leaving the employer spending time and money to find a replacement. But the bully doesn’t care. It just means they get to apply their old tricks on someone who isn’t used to them.

At some point, someone will fight back. Not physically, of course, but through documentation. An employee who is being bullied should immediately document any and all occurrences of workplace bullying and then present those documents to someone in HR. Most likely, this will result in identification of the bullying, stoppage of it, counseling for both the bully and the victim, and, if not already enacted, policies to prevent it from happening again.


Protect Yourself From Cyber Attacks

“My advice is to do all you can from a risk management standpoint but you also need insurance because you never know what can happen.” - Cathleen Christensen, Vice President of Property and Casualty

VP, Property & Casualty

In today’s world, a day does not pass without a large company being featured on the news because they are suffering from a data breach or hacking incident that has threatened personal information.

Cyber security is a concept that has become a high priority in the past five years. Since this issue is fairly new, demand for cyber insurance is emerging, since most cyber related claims are currently not covered under a standard insurance program. The questions that arise the most regarding cyber security and liability are about understanding the level of exposure a company’s data faces and knowing what cyber coverage encompasses.

Large companies are not the only ones at risk, it is often small businesses that are most vulnerable simply because they are not prepared. Most small (under 250 employees) businesses do not have the IT staff necessary to help protect a business. Even manufacturing companies are at risk because while credit card information is a large component, it is not the only type of attack. Can you afford the risk of not protecting your employee, client and company data?

With 10+ years of experience addressing cyber risks, Hierl’s process of approaching cyber security begins with an assessment of a client’s risk and exposure. This involves knowing what data a client has, who has access to it, how it’s stored and how they are backing it up. Hierl can expertly evaluate the coverage that is necessary to keep an organization secure.

Because it is an emerging coverage, cyber insurance plans are not standard. Hierl advises a three-fold type of coverage including:

  1. Business coverage for customers and employees
  2. Protection for your company and the data it houses
  3. PR assistance if a security breach occurs

The best policies offer assistance to help you to work through things if something was to ever happen, as well as forensic and technical assistance to determine how the breach occurred.

“Many organizations that have suffered cyber-crime are sophisticated, big businesses. If they can’t stop these attacks from happening, most other businesses can’t either.”

If it is determined quickly that a breach has happened and a good backup exists a company can recover quickly and the attack is much less damaging. However, when a company’s data gets out in the wild is when attacks become most expensive.

The 2016 Ponemon Institute Cost of Data Breach study reported that the average cost of a lost record rose from $154 in 2015 to $158 in 2016. Even if, you only have 20 employees now and that doesn’t seem all that bad...you need to think about how many employee records do you have from the past 10 years? Cyber-attacks don’t just affect current records nor do they only target employee data but client and company data too. This type of insurance is becoming a must have coverage for businesses because of how sophisticated these attacks have become

Three reasons to explore cyber coverage for your business:

  1. There is a higher incidence of cyber crime
  2. The longer it takes to detect and contain a data breach, the costlier it becomes
  3. Effects of a cyber-attack extend beyond monetary and data losses to losing business and customers

To download the full article click Here.


Workplace Cybersecurity Begins with Employees

Great article from our partner, United Benefit Advisors (UBA) by Tara Marshall.

I've looked at clouds from both sides now
From up and down and still somehow
It's cloud illusions I recall
I really don't know clouds at all

-- Joni Mitchell, "Both Sides, Now"

And like that song from 1969, it appears that most employees really don’t know cloud computing at all. In an article on the Society for Human Resource Management’s website titled, “Public Enemy No. 1 for Employers? Careless Cloud Users, Study Says,” a North American IT solutions and managed services provider called Softchoice found that 1 in 3 users of cloud-based apps (e.g., Google Docs and Dropbox) download the app without letting their IT department know. Cloud computing became popular a few years ago because people could store all their documents, photos, and other information and then access that data from anywhere at any time and on any device.

What makes this such a bad situation is not the cloud computing itself, but that the vast majority of employees lack any sense of cybersecurity. That same study found that 1 in 5 employees:

  • Keep their passwords in plain sight (e.g., on Post-it Notes on their desks).
  • Have accessed work files from a device that was not password-protected.
  • Have lost devices that weren't password-protected.

Complicating this further is that the employees who actually do use passwords usually have weak passwords. That is, they are easy to guess (e.g., “1234,” “password,” or their username). Rather than leave a company and its network vulnerable to attack, some IT people suggest a ban on cloud accounts for work.

Security breaches involving a company’s intellectual property can be very costly. Sometimes referred to as “ransomware,” the important data of an organization will either be stolen or encrypted and will not be released until a fee is paid.

A better solution to a ban on cloud accounts would be to educate employees on the necessity for cyber security, train them to improve their online security habits, and remind them that IT rules are in place to make a company more secure, not make it more difficult for employees to be productive. Cyber thieves are clever and when they can’t break into a system using technology, they often rely on the flaws of human nature.

As we become more and more connected to the Internet, we leave ourselves and the companies where we work more accessible to cyber threats. It’s imperative that employees keep everything locked down.

See the original article Here.

Source:

Marshall T. (2017 March 14). Workplace cybersecurity begins with employees [Web blog post]. Retrieved from address http://blog.ubabenefits.com/workplace-cybersecurity-begins-with-employees


Stay Safe With Society

Check out this free upcoming webinar from Society Insurance about " Reducing Outdoor Slip, Trip and Falls"

0748d8c453ad9b1d081763d1525ccb6e

Reducing Outdoor Slip, Trip and Falls
Friday, April 28, 1 p.m. - 2 p.m. CDT
Click here to register.

  • Slips, trips and falls are the second-leading cause of employee injuries nationally, with an increase of 41 percent since 1998.
  • Slips, trips and falls are also a leading cause of customer injuries.
  • Slips, trips and falls are not just a winter concern!

Doing everything possible to prevent slip, trip and falls is not just a priority – it's a necessity!

This live webinar focuses on identifying hazards that could cause outdoor slip, trip and falls. Society's risk management experts will also discuss corrective actions that can help to reduce the occurrence of these incidents and injury losses.

Register now and pass it on! All are welcome and every business can benefit from the information in this webinar.


5 reasons why auto accidents are on the rise

Have you noticed more auto accidents lately? Then check out this interesting article from Property Casualty 360 about the reasons why auto accidents are on the rise by Denny Jacob

According to the National Safety Council, traffic deaths increased 6 percent to 40,200 — the first time since 2007 that more than 40,000 have died in motor vehicle crashes in a single year.

The 2016 total follows a 7 percent rise in 2015. Much of this is attributed to continued lower gasoline prices and an improving economy which has increased motor-vehicle mileage.

In addition, the U.S. Department of Transportation’s early estimates show the motor vehicle traffic fatalities for the first nine months of 2016 increased about 8 percent as compared to the motor vehicle traffic fatalities for the first nine months of 2015. Preliminary data reported by the Federal Highway Administration (FHWA) shows that vehicle miles traveled (VMT) in the first nine months of 2016 increased about 3 percent.

All 10 National Highway Traffic Safety Administration (NHTSA) regions experienced increases during the first nine months of 2016. In particular, the South, Southeast and Northeast saw motor vehicle traffic fatalities spike between 11 and 20 percent alone.

Here are 5 factors contributing to the increase in auto accident rates:

More cars on the road and miles driven today

Cheap gas and diesel, plus a stronger economy, has caused high road density with more cars on the road. The Department of Transportation's Federal Highway Administration shows that driving jumped 3.5 percent over 2015, the largest uptick in more than a decade. Americans drove more than 3.15 trillion miles, equivalent to around 337 round trips from Earth to Pluto. The previous record, around 3 trillion miles, was set in 2007.

More distractions

Beyond texting and driving, from Bluetooth to Snapchat, approximately 660,000 drivers are attempting to use their phones while behind the wheel of an automobile. On top of that, we now have sensors and technologies that respond to our every move in vehicles. We have apps that connect to center consoles and more touch-screen technology in vehicles than ever before

Younger, more inexperienced drivers

A new study from AAA Foundation for Traffic Safety show that millennial drivers (more 19- to 39-year-old drivers) are texting, speeding and running red lights. They also think it's OK to speed in school zones. While the statistics improve for older drivers, it’s not by much. From a commercial driver standpoint, the experience (or inexperience) of drivers can lead to more auto accidents overall.

Cost of car repair more expensive

Think about your grandfather’s car. If the engine blew, you went to a mechanic who fixed the problem. Now, everything in a car is connected by a computer. If one fuse blows, it will likely have an impact on other parts of the vehicle. Yes, computers make it easier and quicker to fix, but overall costs tend to be higher, especially because cars on the road are much newer.

Ultimately, we pay for the technology (computers, advancements in bodywork, HVAC, etc.). To diagnose many computer issues and the dozens of sensors requires a scan tool that is capable of accessing the thousands of manufacturer-specific trouble codes and data streams. A good one can cost $7,000 alone.

Injury costs from accidents on the rise

No surprise, the cost of medical care has increased, most of which are spinal and soft tissue injuries. According to the Mayo Clinic, more than 35 percent of spinal cord injuries are caused by vehicle accidents (truck, automobile, or motorcycle). Think about this — medical spending for spinal care per patient increased by 95 percent from $487 to $950 between 1999 to 2008, accounting for inflation.

But think about the full picture, which compounds the issue. You get whiplash (direct medical cost), have to stay home for a few weeks (loss of income) and get physical therapy (cost of post-injury medical care — according to one estimate, about 25 percent of whiplash injury patients end up suffering chronic pain). The costs can triple from an economic and quality-of-life perspective, costing the U.S. $2.7 billion per year.

See the original article Here.

Source:

Jacob Denny (2017 March 02). 5 reason why auto accidents are on the rise [Web blog post]. Retrieved from address http://www.propertycasualty360.com/2017/03/02/5-reasons-why-auto-accidents-are-on-the-rise?page_all=1


5 trends and factors that continue to impact cybersecurity in 2017

Great article from Property Casualty 360 about 5 trends that will impact cybersecurity in 2017 by Gary S. Miliefsky

It’s not unexpected any more: We awaken to learn that yet another national retailer has been hacked, and once again credit-card information for millions of customers is at risk.

Yet, despite all the publicity these security breaches receive and all the warnings consumers hear, cyber criminals still achieve success — and they’re becoming more brazen than ever.

Sometimes it can feel like the cyber criminals are working harder than the people who are supposed to be protecting our information, but when consumers and businesses are vigilant, they can foil those cyber criminals despite all their scheming.

We should be asking ourselves: Why not prevent breaches instead of reacting to them? Corporate America and consumers don’t need to sit around waiting to become cybercrime victims.

To that end, here are some cyber security trends and factors worth knowing about for the rest of 2017 and beyond:

Serious breaches still take too long to discover

As unsettling as it is to think about, the truth is there’s generally a long lag time between when a breach happens and when it’s discovered. The average is 280 days, which means if cyber criminals hack your system today, it could be about nine months before anyone realizes there’s a problem.

 

Employees will continue to be critical to protection

For just about any organization, employees are the first line of defense — and the weakest link. Typically, when a breach happens behind a firewall it’s because someone was tricked into clicking on a link they shouldn’t have. Employees need to be educated to prevent these kinds of attacks.

 

Cyber insurance is hot and growing hotter

A breach can prove costly to companies, which is why cyber insurance is a growing field. Just as homeowner’s insurance doesn’t keep your house from catching fire, though, cyber insurance doesn’t guard against a breach. However, it is important for businesses to adopt a policy that can help the company that’s hit by a breach regain its financial footing.

 

The importance of managing company intranet

Most breaches happen behind firewalls. You’ll need more than antivirus to stop the bad guys. This includes anti-phishing tools, network access control (NAC), zero-day malware quarantining and other next-generation approaches focusing on the root cause of how you get breached.

Without a NAC solution, you won’t be able to tell who is on your network, including if the cleaners are plugging in a laptop at midnight or if a consultant is on the wrong VLAN, like human resources or payroll where you don’t want them to have access.

In addition, you should find and fix all your common vulnerabilities and exposures. You can learn more about them at the National Vulnerability Database at nvd.nist.gov or cve.mitre.org. By finding and fixing your holes, you’ll have a stronger, less exploitable infrastructure.

Consumers’ best protection is still self-protection

Consumers can’t always count on how well their bank or their favorite retailer handles cyber security. Anyone can take steps to be safer. Change passwords frequently. Put a sticker over your laptop’s webcam when you’re not using it. Protect your smartphone by turning off WiFi, Bluetooth, NFC and GPS except when you need them. Delete cookies and your browsing history regularly. When consumers learn the importance of mobile-device “hygiene,” both they and the places they work are at less risk of suffering a data breach or los

See the original article Here.

Source:

Miliefsky (2017 March 03). 5 trends and factors that continue to impact cybersecurity in 2017 [Web blog post]. Retrieved from address  http://www.propertycasualty360.com/2017/03/03/5-trends-and-factors-that-continue-to-impact-cyber?slreturn=1488916705&page_all=1