Steps to Reduce Cyber Liability Exposures

Steps to Reduce Cyber Liability Exposures

Centralize Responsibility for Digital Data Security

Appoint one person to be responsible for identifying and correcting weak points in the organization’s computer security system. This may be the responsibility of the company’s chief information officer, IT manager, or risk manager. The crucial point is that a single individual should be accountable for discovering and fixing any cyber and privacy-related vulnerabilities.

Manage Data (both print and digital)

Only collect sensitive data that is required for business purposes.

Do not keep data any longer than necessary.

Limit access to sensitive information.

Know what data is kept and where

Understanding what type of data is being stored and where it is being stored will provide insight as to where security measures should be employed.  For instance, if sensitive information is stored on laptops or mobile phones, then technology providing the ability to wipe devices clean if lost or stolen might be employed to mitigate loss.   

Physically Secure Servers

Servers should be physically secure and protected with access limitations, locks, and fire protection systems.

Segregate Access to Data on a Need to Access Basis

Make use of firewalls and credential programs to ensure access to data is only available to those that need such access to perform their business function. This is especially true for vendors that are given access to your computer systems – avoid the situation experienced by Target when a hacker gained entry into Target’s POS data systems through their HVAC vendor! The same should be employed with internal personnel – firewalls, passwords and employee identification numbers.  

E-Mail Security 

Invest in encryption software and establish e-mail guidelines that reduce the chance that sensitive data is intercepted. 

Laptop Security

Use:

  • antitheft technologies 
  • data back up
  • encryption software
  • content wiping technology

HR practices

Termination procedures should include the process of immediately deleting that person’s access to any computer systems. Changing passwords following the departure of an employee who had access to company systems can reduce the likelihood that a disgruntled employee will impair electronic communications within an organization – this is a large source of cyber claims.

Create, train employees and enforce corporate social media policies that apply to all employees, including executives.

Train employees to delete emails from unknown sources and to question attachments before opening to make sure they are legitimate.

Bottom Line

While you cannot eliminate all threats, employing as many security measures as possible will greatly reduce the chance of a data breach.

Call us for more information on cyber insurance 858-202-6187