3 wise cybersecurity solutions for 2017

Is your company properly protected from cybersecurity threats? Find out how to protect yourself from online threats thanks to this great article from Prperty & Casualty 360 by Christopher Roach.

As businesses are spending millions of dollars on technology and software to protect themselves from cybercrimes, they may be missing a leading cause of cybercrime by not investing their money in training their own employees.

Human error is the leading cause of cybercrimes, according to BakerHostetler’s 2016 Data Security Incident Response Report. Some of the most prominent companies learned that all too well in the last calendar year, as costly mistakes by their employees left their business vulnerable to hacks.

In the spring of 2016, Snapchat was the victim of a phishing scam, where hackers posing as the CEO convinced an employee to email them the personal information — IRS Form W-2 data — of about 700 current and former employees of the organization. This included employee names, Social Security numbers, wages, stock-option gains and benefits. Shortly after the information was released, the employee realized that the original request was not legitimate. Everyone affected by the scam was quickly notified and offered free credit monitoring and identity theft insurance.

A human mistake was also the leading cause of a recent breach of Premier Healthcare, a multispecialty healthcare provider. After the billing department failed to secure its computers, a laptop computer was stolen from its headquarters. The electronic protected health information (ePHI) that could have been accessed from the single laptop could affect roughly 200,000 patients. The laptop was password-protected but not encrypted.

Employees reported the stolen laptop as soon as they realized it was missing, and the company took a number of steps to locate the laptop and identify the thief, including notifying patients and filing a police report. Fortunately, the laptop was returned and a comprehensive forensic analysis revealed the laptop had not been powered on since it went missing.

This year, Snapchat, Premier Healthcare and every other business big, medium or small, must invest in cybersecurity protection. They have to prepare their employees for the worst.

Here are three cybersecurity resolutions that offices need to make going forward:

1. Train employees with gamification.

In addition to sending around a list of dos and don’ts on how to prevent cyberattacks to employees, companies could get more creative when it comes to training their staff. Businesses should consider using gamification for training exercises to present real-life scenarios to employees.

One way to do this is by having “pretend” hackers try to obtain proprietary information from employees.  If an office doesn’t properly react, it could provide as a great lesson for everyone. If they react correctly they could win a prize. Every employee poses a risk, so training each individual is a critical element of cybersecurity.

2. Testing your response time.

Hackers are always going to be one step ahead due to the ever-changing cybersecurity landscape. In preparation, companies must have a cyber response plan in place and need to be ready to respond to multiple scenarios.

Employees need to understand how to identify risks and the appropriate individuals or departments where they should report findings. In addition, every employee should be taught best practices, like how to create stronger passwords or how to spot suspicious emails, so that they can use good judgement when online. If you suspect something, report it.

3. Protect your crown jewels.

The most important thing that business can do is identify their “crown jewels,” which are their data assets that are most critical to their organization and customers. Once the crown jewels have been identified, a company’s security team can establish targeted cybersecurity controls to insure this data is secure and recoverable.

While doing this, companies should make sure to conduct a penetration test to find out if their most important assets are vulnerable to hackers. This approach will save time and money. It’s not practical or cost effective to put the same level of protection on all data, so target the data that’s most important to the business.

See the original article Here.

Source:

Roach C. (2017 March 24). 3 wise cybersecurity solutions for 2017 [Web blog post]. Retrieved from address http://www.propertycasualty360.com/2017/03/24/3-wise-cybersecurity-solutions-for-2017?slreturn=1491841086&page_all=1


Potential Impact of Good Communication

Good things come to those who wait.... except when understanding your benefits. The sooner employees become educated on why they have unique benefits, the sooner they will put them to use!

"Those who don't understand benefits, don't utilize them correctly. They are not good consumers of health care." - Scott Smeaton, Hierl Executive Vice President.

It is important to understand your employee benefits not only for your own health reasons, but also so that you are able to recognize why your employer offers the unique benefits they do.

What differentiates Hierl and how they help effectively communicate benefits?

At Hierl, we look at each client as unique. What works best for one may not be ideal for another. It's about really being able to understand the culture and provide different communication options such as presentations, visuals, emails, and website.

Hierl shines when it comes to giving employers/employees access to all forms of communication, specifically in the communication campaigns run throughout the year. By assessing the necessary points to communicate and then building quarterly and monthly campaigns around these objectives, Hierl brings unique, strategic solutions to explaining employee benefits. The evidence of communication strategies at work is apparent in the results gathered from clients.

"One of the ways companies can measure the success of their program is to measure employee satisfaction. By measuring employee satisfaction after communication campaigns, findings show that the more regularly benefits are communicated, the higher employee satisfaction goes up!" - Scott Smeaton

scott smeaton

3 Key Points on Communicating Benefits

  1. Keep it simple- (no explanation needed!)
  2. Try different avenues- one person may prefer email while another prefers paper
  3. Communicate often- benefits communication should take place all year long

To download the full article click Here.


Workplace Cybersecurity Begins with Employees

Great article from our partner, United Benefit Advisors (UBA) by Tara Marshall.

I've looked at clouds from both sides now
From up and down and still somehow
It's cloud illusions I recall
I really don't know clouds at all

-- Joni Mitchell, "Both Sides, Now"

And like that song from 1969, it appears that most employees really don’t know cloud computing at all. In an article on the Society for Human Resource Management’s website titled, “Public Enemy No. 1 for Employers? Careless Cloud Users, Study Says,” a North American IT solutions and managed services provider called Softchoice found that 1 in 3 users of cloud-based apps (e.g., Google Docs and Dropbox) download the app without letting their IT department know. Cloud computing became popular a few years ago because people could store all their documents, photos, and other information and then access that data from anywhere at any time and on any device.

What makes this such a bad situation is not the cloud computing itself, but that the vast majority of employees lack any sense of cybersecurity. That same study found that 1 in 5 employees:

  • Keep their passwords in plain sight (e.g., on Post-it Notes on their desks).
  • Have accessed work files from a device that was not password-protected.
  • Have lost devices that weren't password-protected.

Complicating this further is that the employees who actually do use passwords usually have weak passwords. That is, they are easy to guess (e.g., “1234,” “password,” or their username). Rather than leave a company and its network vulnerable to attack, some IT people suggest a ban on cloud accounts for work.

Security breaches involving a company’s intellectual property can be very costly. Sometimes referred to as “ransomware,” the important data of an organization will either be stolen or encrypted and will not be released until a fee is paid.

A better solution to a ban on cloud accounts would be to educate employees on the necessity for cyber security, train them to improve their online security habits, and remind them that IT rules are in place to make a company more secure, not make it more difficult for employees to be productive. Cyber thieves are clever and when they can’t break into a system using technology, they often rely on the flaws of human nature.

As we become more and more connected to the Internet, we leave ourselves and the companies where we work more accessible to cyber threats. It’s imperative that employees keep everything locked down.

See the original article Here.

Source:

Marshall T. (2017 March 14). Workplace cybersecurity begins with employees [Web blog post]. Retrieved from address http://blog.ubabenefits.com/workplace-cybersecurity-begins-with-employees


What it Takes to Make Good Decisions in the New World of Work

With many companies taking employee education and training into their own hands employers must be properly prepared for the changing future. Check out this great article from SHRM about what employers must do to keep pace in the ever evolving workplace by Ross Smith and Madhukar Yarra

We live in a world where phenomena such as the internet, globalization, social media, and mobility are accelerating change faster than ever before. Today’s digital age fed by big data is manifested in new businesses disrupting existing business models, which are remnants of the industrial era. These new models, typified by the Ubers, Amazons, Teslas, Airbnb’s and Facebooks of the world, are fossilizing the older generation of companies.

It is difficult for the education system to keep pace with this kind of change. The education system is a behemoth whose design is evolving to address the need for agility and speed. They change after the fact and therefore almost always take refuge in ‘best practices’. The MBA as we know it, has also fallen prey to this.

The MBA has been designed to provide a pool of mid-level managers for large corporations and questions arise about the future. Armed with an MBA, new hires walk into a large corporation with a desire to prove their worth through a strong knowledge of historical best practices. They may miss the value of ‘first principles’ thinking, and more often than not, face challenges to make an impact. Over time, this can create a disconnected or disillusioned workforce.

The question then becomes - if emerging and disruptive business models no longer subscribe to historical best practices, and by extension, to business schools, as their source for leadership, where should they look? What is that institution or model that allows individuals to build decision making capabilities in today’s world?

The reliance on irrelevant frameworks, outdated textbooks, and a historical belief in “best practices” all run counter to how a leader needs to be thinking in today’s fast paced digital world.  There are no established best practices for marketing in a sharing economy or creating a brand in a digital world. The best practices might have been established last week. The world is moving fast, and leaders need to be more agile. Today, Millennials are leading teams, calling the shots in many corporations, which means that the energy created is one that leaves little time for rules and structures to effectuate and/or create impact. Making good decisions in today’s business world requires a new and different kind of thinking, and there are tactics that can help grow these new types of leaders.

Importance of questions: most leadership and business programs today evaluate and assess students based on answers, not the ability to ask good questions. Thoughtful and incisive questions lead to innovation and as business problems become more granular and interconnected, this skill will help leaders arrive at better decisions.

Experimentation over experts: Students are encouraged to seek “expert advice” rather than formulating their own hypotheses that can be tested as low cost experiments. While consulting with those who have walked the same path has its benefits, relying on the experiences of others may hinder growth, particularly when change is accelerating. The shift to globalization, digitization, social, and agile are changing rapidly, there is no “right answer”, so experimentation is a crucial skill.

Interdisciplinary perspective: Disciplines and industry sector models are glorified at a time when discipline barriers are being broken to create new ideas. A conscious intermingling of disciplines creates more fertile minds for innovative thoughts to occur.

In today’s management programs, outdated content and old-school delivery mechanisms are limiting  students and businesses alike. There is a dire need to help business and young talent alike embrace a new art of problem solving, essential for the realities of today.

Many companies are starting to take education and employee training into their own hands. The advent of online courses, MOOCs, and other innovative programs in employee education are supplementing traditional education.

HR professionals can learn from companies who have set up their own deep technical training programs. With the work they do to augment decision science skills, Mu Sigma University is a great example of a modern day tech company, building skills across technology, business, analytics, and design. The workforce is changing. Many traditional jobs are being replaced with automation, robots, cloud-based machine learning services, and artificial intelligence – while at the same time, the demand for high end engineering, analytics, business intelligence, data and decision science is booming. Many companies, such as Mu Sigma, are spinning up advanced technical training investments to ensure their employees are equipped for a rapidly evolving future.

See the original article Here.

Source:

Smith R. &  Yarra M. (2017 March 15). What it takes to make good decisions in the new world of work [Web blog post]. Retrieved from address https://blog.shrm.org/blog/what-it-takes-to-make-good-decisions-in-the-new-world-of-work


Stay Safe With Society

Check out this free upcoming webinar from Society Insurance about " Reducing Outdoor Slip, Trip and Falls"

0748d8c453ad9b1d081763d1525ccb6e

Reducing Outdoor Slip, Trip and Falls
Friday, April 28, 1 p.m. - 2 p.m. CDT
Click here to register.

  • Slips, trips and falls are the second-leading cause of employee injuries nationally, with an increase of 41 percent since 1998.
  • Slips, trips and falls are also a leading cause of customer injuries.
  • Slips, trips and falls are not just a winter concern!

Doing everything possible to prevent slip, trip and falls is not just a priority – it's a necessity!

This live webinar focuses on identifying hazards that could cause outdoor slip, trip and falls. Society's risk management experts will also discuss corrective actions that can help to reduce the occurrence of these incidents and injury losses.

Register now and pass it on! All are welcome and every business can benefit from the information in this webinar.


Is industry coming around to robo-advisor concept?

Have you ever thought about the future of employee benefits advisors? Take a look at this interesting article from Benefits Pro about the growth of robotic employee benefits advisors by Caroline Marwitz

LAS VEGAS -- Some advisors see robo-advisors as a competing force.

At the NAPA 401(k) Summit, you might expect some hostility to the concept. After all, the market for algorithm-based, non-human decision-making robo-advisors is expected to grow.

Business Insider’s research service, BI Intelligence, forecasts that by 2020, robo-advisors will manage $8 trillion in assets.

But the questions for two executives at two robo-advisor firms during a technology panel demonstrated more curiosity than hostility. Betterment for Business's Cynthia Loh and blooom’s (yes, three Os) Chris Costello fielded them and got in some marketing in the process.

The questions ranged from whether advisors can get data and metrics about results (yes), how good is the security and encryption of participant information (as good as a bank’s), whether rebalancing is participant-driven (no), whether there was a process to update employee risk tolerance and other information over time, as it changes (yes), to whether these robo-advisors partner with advisors to offer compensation (Betterment: yes, we have a separate arm of the business for that; blooom: ten dollars per participant doesn’t make a partnership conducive, though advisors can offer this service to differentiate themselves to plan sponsors).

The common wisdom is that robo-advisors, at least in the retirement industry, are aimed at people with fewer assets.

However, in the wider investment industry, the BI Intelligence research report noted: “Consumers across all asset classes are receptive to robo-advisors — including the wealthy. 49% of this group would consider investing some of their assets using a robo-advisor.”

For blooom, its market is not intended to be the wealthy, CEO and cofounder, Chris Costello, said, but rather “the people who don’t understand stuff.”

“All the way up the food chain, people are messing up their 401k plans,” Costello said. “We are targeting a segment of market most advisors aren’t targeting, most are well below 250,000 dollars.”

The stereotypical user of a robo-advisor is, of course, a millennial. But now, said Betterment’ for Business GM Cynthia Loh, “Everyone expects technology.” Even the clients have changed, she said. Where in the past it might be a tech company, within the last year companies of other kinds have come on board -- medical, legal, and financial services firms.

Taking aim at the traditional, minimalist way many employers offer information on retirement plans, Costello noted that there are always going to be employees who like to study their options and do their homework. “But that is not most Americans. Most Americans need this to be done for them. When I had wealthy clients, I didn’t tell them to go home and study up. We did the work for them. This brings the services that wealthy people have been getting for decades.”

Still, Loh added, Betterment embraces both the technology and the human side.  “We recognize there’s always going to be a place for human advice.”

Because ultimately it comes back to the human side, not the technology side. Of course, the technology behind the algorithms is important. But something as warm and fuzzy as the participant questionnaire is also crucial.

In fact, recent guidance on robo-advisors from the Securities and Exchange Commission concerns itself with a robo-advisor’s questionnaire.  Which makes sense, as it’s the information the algorithms use to make their decisions and the basis of their advice. Garbage in, garbage out. And the ability, which both firms offer, to consult with a human advisor, whether it might be by phone or by chat, is also important, at least to what we know about what plan participants want.

And the Department of Labor’s fiduciary rule has made many in the retirement industry feel that knowing as much as possible about a participant or client is key to successfully helping them as well as being in compliance.

See the original article Here.

Source:

Marwitz Caroline (2017 March 19). Is industry coming around to robo-advisor concept [Web blog post]. Retrieved from address http://www.benefitspro.com/2017/03/19/is-industry-coming-around-to-robo-advisor-concept?ref=hp-top-stories


What Employers Need to Know About Communication

What's the key communication platform for employee benefits communication?

"It is not a one size fits all approach, each group needs to take a look at their population and decide what is best for them."  -Tonya Bahr, Hierl Employee Benefit Advisor.

  • Emails are efficient for targeting professional staff, especially companies that have companywide email addresses.
  • Letters or texts are the best way to communicate with field or labor employees.
  • A popular way to communicate is by meeting, whether it be a webinar or seminar. Often, companies will mandate that their employees attend informational sessions discussing benefits offered. This allows our clients to efficiently communicate a consistent message out to employees to help understand their benefits.

 

Ding ding ding, round 1! Paper VS Digital communications

Okay, not really because it's not a competition!

"An online approach works really well for employees but it is also very important for the spouses to be engaged as well. We typically follow up the meetings with a deliverable the employee can bring home to their spouse. This not only allows the spouse to learn more about the benefits available to them, but it also reinforces what was covered in the meeting for the employee." -Tonya Bahr

tonya bahr 

To download the full article click Here.


5 trends and factors that continue to impact cybersecurity in 2017

Great article from Property Casualty 360 about 5 trends that will impact cybersecurity in 2017 by Gary S. Miliefsky

It’s not unexpected any more: We awaken to learn that yet another national retailer has been hacked, and once again credit-card information for millions of customers is at risk.

Yet, despite all the publicity these security breaches receive and all the warnings consumers hear, cyber criminals still achieve success — and they’re becoming more brazen than ever.

Sometimes it can feel like the cyber criminals are working harder than the people who are supposed to be protecting our information, but when consumers and businesses are vigilant, they can foil those cyber criminals despite all their scheming.

We should be asking ourselves: Why not prevent breaches instead of reacting to them? Corporate America and consumers don’t need to sit around waiting to become cybercrime victims.

To that end, here are some cyber security trends and factors worth knowing about for the rest of 2017 and beyond:

Serious breaches still take too long to discover

As unsettling as it is to think about, the truth is there’s generally a long lag time between when a breach happens and when it’s discovered. The average is 280 days, which means if cyber criminals hack your system today, it could be about nine months before anyone realizes there’s a problem.

 

Employees will continue to be critical to protection

For just about any organization, employees are the first line of defense — and the weakest link. Typically, when a breach happens behind a firewall it’s because someone was tricked into clicking on a link they shouldn’t have. Employees need to be educated to prevent these kinds of attacks.

 

Cyber insurance is hot and growing hotter

A breach can prove costly to companies, which is why cyber insurance is a growing field. Just as homeowner’s insurance doesn’t keep your house from catching fire, though, cyber insurance doesn’t guard against a breach. However, it is important for businesses to adopt a policy that can help the company that’s hit by a breach regain its financial footing.

 

The importance of managing company intranet

Most breaches happen behind firewalls. You’ll need more than antivirus to stop the bad guys. This includes anti-phishing tools, network access control (NAC), zero-day malware quarantining and other next-generation approaches focusing on the root cause of how you get breached.

Without a NAC solution, you won’t be able to tell who is on your network, including if the cleaners are plugging in a laptop at midnight or if a consultant is on the wrong VLAN, like human resources or payroll where you don’t want them to have access.

In addition, you should find and fix all your common vulnerabilities and exposures. You can learn more about them at the National Vulnerability Database at nvd.nist.gov or cve.mitre.org. By finding and fixing your holes, you’ll have a stronger, less exploitable infrastructure.

Consumers’ best protection is still self-protection

Consumers can’t always count on how well their bank or their favorite retailer handles cyber security. Anyone can take steps to be safer. Change passwords frequently. Put a sticker over your laptop’s webcam when you’re not using it. Protect your smartphone by turning off WiFi, Bluetooth, NFC and GPS except when you need them. Delete cookies and your browsing history regularly. When consumers learn the importance of mobile-device “hygiene,” both they and the places they work are at less risk of suffering a data breach or los

See the original article Here.

Source:

Miliefsky (2017 March 03). 5 trends and factors that continue to impact cybersecurity in 2017 [Web blog post]. Retrieved from address  http://www.propertycasualty360.com/2017/03/03/5-trends-and-factors-that-continue-to-impact-cyber?slreturn=1488916705&page_all=1


The Changing Landscape of Employee Benefits

Great article from our partner, United Benefit Advisors (UBA) about the changes coming to employee benefits by Pat McClelland

There is no denying our industry is changing rapidly, and it’s not about to slow down. Combined with disruptive advances in technology and evolving consumer expectations, we’re seeing consumer-driven health care emerge. Take, for example, the fact that employees now spend more than nine hours a day on digital devices.

There’s no doubt that all this screen time takes a toll.

  • Device screens expose users to blue light. It’s the light of the day and helps us wake up and regulate our sleep/wake cycle.
  • Research suggests blue light may lead to eye strain and fatigue. Digital eye strain is the physical eye discomfort felt by many individuals after two or more hours in front of a digital screen.
  • In fact, digital eye strain has surpassed carpal tunnel syndrome and tendonitis as the leading computer-related workplace injury in America1.

Employees are demanding visibility into health care costs and transparency in the options available so they can take control of their own health. Consumers are more knowledgeable and sensitive to cost, and as a result becoming very selective about their care.

Lack of preventive care

Preventive screenings are a crucial piece of overall health and wellness. In fact, the largest investment companies make to detect illnesses and manage medical costs is in their health plan. But if employees don’t take advantage of preventive care, this investment will not pay off. Only one out of 10 employees get the preventive screenings you’d expect during an annual medical visit2.

It's a big lost opportunity for organizations that are looking for a low-cost, high-engagement option to drive employee wellness.

How a vision plan can help

The good news is that the right vision plan can help your employees build a bigger safety net to catch chronic conditions early. It all starts with education on the importance of an eye exam.

Eye exams are preventive screenings that most people seek out as a noninvasive, inexpensive way to check in on their health; it’s a win-win for employers and employees.

  • A comprehensive eye exam can reveal health conditions even if the person being examined doesn’t have symptoms.
  • The eyes are the only unobtrusive place in a person’s body with a clear view of their blood vessels.
  • And, an eye exam provides an opportunity to learn about the many options available to take control of their health and how to protect their vision.

By screening for conditions like diabetes, high blood pressure, and high cholesterol during eye exams, optometrists are often the ones to detect early signs of these conditions and put the patient on a quicker path to managing the condition. In a study conducted in partnership with Human Capital Management Services (HCMS), VSP doctors were the first to detect signs of3:

  • Diabetes - 34 percent of the time
  • Hypertension - 39 percent of the time
  • High cholesterol - 62 percent of the time

See the original article Here.

Source:

McClelland P. (2017 March 02). The changing Landscape of Employee Benefits [Web blog post]. Retrieved from address http://blog.ubabenefits.com/the-changing-landscape-of-employee-benefits


Target employee financial needs by finding the right technology

Are you looking for new ways to help improve your employees' financial needs? Take a look at this interesting article from Employee Benefits Advisors about how the use of technology can improve your employees' financial needs by Mark Singer

We have seen how a large percentage of the American workforce has an inadequate degree of financial literacy, and how the lack of basic financial knowledge causes personal problems and workplace stress. We have also seen the importance of financial education and how raising employee literacy directly benefits the bottom lines of companies.

The financial health of employees can vary greatly between companies, as can employee numbers. Work schedules and available facilities are other issues of variance. There is also the interest factor to address. Employees must find programs interesting and beneficial, or they will not attend or glean maximum results. Financial wellness programs that may be beneficial and successful for one company may be burdensome and unsuccessful for another. To meet pressing personal financial problems effectively, cutting-edge technologies need to be applied that both address immediate employee issues and limit company expense.

There are numerous new technologies that can be utilized in a mix-and-match fashion that successfully target employee financial needs. This age of the World Wide Web brings a host of financial education tools directly to the audience. Informational videos, virtual learning programs, webinars, training portals and other virtual solutions are easily accessible over the Internet and most are quite user-friendly. This mode of education is significant. For example, 84% of respondents to a survey conducted by Hewlett-Packard and the National Association for Community College Entrepreneurship said that e-tools were valuable. The study went on to show that modalities containing some degree of online training were preferred by 56% of respondents.

Gaming and data
One form of online educational technology that is gaining momentum as well as results is known as game-based learning. This method of learning is particularly popular with the millennial generation that has grown up with an ever-increasing variety of online gaming. In 2008, roughly 170 million Americans engaged in video and computer games that compel players to acquire skills necessary to achieve specific tasks. It has been found that well-designed learning programs that utilize a gaming sequence improve target learning goals. Such games teach basic financial lessons in a fun and innovative way that requires sharpened financial skills to progress through the programs.

Technological tools not only benefit those that are utilizing them directly, but they also assist the entire community through the collection of key data. Many of the mentioned tools embed surveys within programs or collect other data such as age, income and location, which can be used to create even better educational materials or better target groups in need of specialized services.

Employers need to realize that they benefit when they utilize these new technologies in their financial wellness programs, since these tools assist workers in taking control of their financial lives. Thereby reducing their stress levels, which in turn leads to happier and more productive employees. Sometimes it is best to meet the employees where they are, with tools that are easy and fun to use.

See the original article Here.

Source:

Singer M. (2017 February 02). Target employee financial needs by finding the right technology [Web blog post]. Retrieved from address http://www.employeebenefitadviser.com/opinion/target-employee-financial-needs-by-finding-the-right-technology