Every type of insurance policy collects sensitive data to determine and qualify risk. Insurance agents and brokers collect full names, dates of birth, social security numbers and payment information from every prospective customer.
Since today’s insurance marketplace requires every insurance professional to be connected to the Internet, it is imperative that they keep this accumulated sensitive data safe.
There is no better way to ensure financial devastation in your business than to allow hackers to steal the sensitive data of your cherished prospects and clients during a security breach. As more and more businesses use wireless connections, hackers can instigate threats to your network in many different ways:
Threat 1: The Lone Wolf Hacker
Your worldwide Internet connection puts you at risk from hackers, whether they’re living down the street or across the globe—and they can penetrate any wireless device in your office without your knowledge. By the time you’ve realized a breach has taken place, the sensitive information that belongs to clients and employees is already up for sale.
Hackers can be individuals, small groups or even large syndicates intent on stealing data and selling it on the black market. Hackers may also use “ransomware” to force their target to pay a ransom or lose access to all the data stored on their computer or device.
Threat 2: Your Employees
Ponemon Institute surveyed 945 individuals who were laid off, fired or quit their jobs in the past 12 months for the "Jobs at Risk = Data at Risk" survey, showing that 59% admitted to stealing company data.
Your former employees have the ability to wreak havoc on your company out of spite. Your current employees have that ability even more so. It is not uncommon to hear about a server in your favorite restaurant who was caught stealing data from customers’ credit cards, or a nursing assistant at your primary physician’s office stealing and then selling private information. What about your employees? Have you taken the necessary pre-employment steps to make certain you can trust them, or do you simply assume you can?
Threat 3: Mobile Devices
Allowing your employees to use their own mobile device, tablet or laptop to access your network without proper security measures is like giving them the keys to the office and the security code for the alarm system. The insurance industry is especially vulnerable since a large segment of the workplace typically telecommutes.
Mobile devices are the most common form of communication for insurance agents and brokers who are usually out of the office during the day. Most agents and brokers can access their CRM from their phone and therein lies a significant risk. Accessing unsecured wireless networks via your smartphone is a recipe for disaster if there ever was one.
Threat 4: Third-Party Service Providers
Generally speaking, this could be a very large category. For the insurance agent or broker, third-party service providers typically consist of companies hired to help complete the insurance transaction.
For property-casualty insurance, this might include property inspectors and motor vehicle records agencies, either private or state controlled. For life-health, this might include medical exam providers, as well as agencies like MIB Group, Inc. (formerly The Medical Information Bureau Inc.). For commercial insurance, this might include building inspectors, credit agencies and Comprehensive Loss Underwriting Exchange.
All these agencies—and others—transmit sensitive client data over the Internet directly to the agent or firm that has a valid subscription. These transmissions, if intercepted by a hacker, can open a gigantic hole in the security net over your network and put your clients at risk.
Sophisticated hackers can obtain your valued clients’ sensitive and private information 24/7. That makes implementing a security program at your agency essential in mitigating risk and protecting the information with which you are entrusted.
Ken Butler is the founder & manager of Evolution Agency Management, an agency management system.