keyboard_backspaceBack to main blog page

Scurich Insurance Services - Blog

Scurich Insurance Services has been serving the Monterey Bay Area since 1924. Our mission is to partner with our customers and provide them superior service and value. We are a member of United Valley Insurance Services, Inc., a cluster of over 70 California Independent Insurance agencies, which produced over $530,000,000 of annual premium last year. At Scurich Insurance Services we understand your business and our community. Our customers look to us for comprehensive solutions. We have established relationships with more than 40 of the nation’s leading insurance providers, which allows us to deliver multiple, competitively-priced options and a team of experts to guide you through the process. When you need to file a claim, change a policy or process a certificate you can depend on Scurich Insurance Services to respond quickly to your request. SERVICES In order to provide value added benefits to our customers that go beyond the insurance policy Scurich Insurance Services offers the following additional services: Safety Programs – English and Spanish OSHA Compliance Safety Policies – English and Spanish Online OSHA 300 Log Safety Posters and Payroll Stuffers - English and Spanish Certificates of Insurance – If received before 3:30pm done the same day Risk Management Consulting Brokerage Services Represent most major insurance companies to better market your account. Safety tapes/DVD’s BUSINESS LINES Commercial Commercial Packages Business Auto Workers Compensation Umbrella Bonds Directors & Officers Professional Liability Employment Practices Liability Personal Auto Home Umbrella Recreational Vehicles Boatss Life & Health Individual Medical Individual Life Group Medical Group Benefits

Search Results

Posts in category Cyber Liability Insurance - Cyber Liability Insurance

What’s more secure; financial records locked in a filing cabinet or financial records stored in the cloud?

Author TonyScurich , 7/29/2016
Pop quiz time. What's more secure; financial records locked in a filing cabinet or financial records stored in the cloud? If you don't understand how cloud security works, you probably said the filing cabinet. It's time for a little mythbusting about how secure your paperless office could be. Last week, Cindy Bates posted on the Microsoft SMB Blog about the benefits of a completely paperless office. Like Delta Airlines, who recently switched to the paperless cockpit, it's possible for any office or organization to ditch the dead trees and move entirely into the digital space. One of the first questions decision makers ask when considering the paperless office is "how secure is this?" It's a fair question, so let's consider Delta's paperless cockpit example and overall data security. The problem with paper is that, well, it's paper. Paper gets lost, it burns, it can be misfiled and disappear. It's only as secure as its physical location. If that location is a locked filing cabinet (or a vault under Fort Knox), if someone really wanted to get to it, they could. A file in the cloud cannot burn, be stolen, accidentally left behind in a restroom, or any other number of things that could affect a hard copy of important information. For a recent example, take a look at the Internet Archive, whose scanning facility in San Francisco caught fire. Although no data was stored in their San Francisco office, if it had been, cloud redundancies would have prevented any loss. But what about a data center, such as what powers Windows Azure or Office 365? Let's start with physical security: data centers are monitored 24 hours a day, 365 days a year. A team of ninjas could, in theory, break in, but they'd still have to know which of the thousand machines contained your exact data—so unless you've upset the cast of Ocean's 11, it's significantly less likely than an office fire that could destroy physical data. In addition, with Office 365, data transmitted across networks is encrypted—so if some agency (or other villain) happens to tap the wires, they still won't be able to read your files. While a move to a paperless office does not entirely guarantee data security—there are still those ninjas to think about—it is significantly more secure than leaving your information in paper form, where it could be destroyed or stolen with greater ease. It's just one more reason to go paperless.  

Mobile security and the ways to mitigate data risk in a BYOD environment

Author TonyScurich , 7/27/2016
Mobile devices are the mighty double-edged swords of today's workplace. On the one hand, they provide greater integration of information, on the other, they could be your business's one-way ticket to a catastrophic security breach. This week we had the amazing opportunity to speak with Anthony Kinney, Microsoft's Verizon Partner Manager, about mobile security and the ways to mitigate data risk in a BYOD environment. According to Kinney, the three main security risk areas associated with BYOD are:
  1. Data loss prevention, which has to do with securing the data on a device in the case of it being lost or stolen.
  2. Data in transit, which is most often protected by encrypting information to ensure that all communications between the device and backend infrastructure are secure.
  3. Data leakage, which is about keeping a user's work and personal information separate. In other words, "protecting users from themselves."
We asked Kinney what Microsoft is doing to make sure that moving to a pocket office doesn't mean introducing security risk. He discussed how our multilayered approach to security makes adopting a BYOD policy far less of a risk, with solutions like Secure boot technology, remote "wipe" capabilities, and automatic cloud storage (among other security solutions). What makes the greatest difference, however, are the actions a company takes to ensure that their data is secure. The way Kinney sees it, employees jailbreaking and rooting devices is one of the largest risk factors for companies who allow employees to BYOD. What those companies do is implement third-party services to "containerize the data," so it never actually goes onto the local device. According to Kinney, Windows Phone solves for this by protecting the data at the data center level before it even gets to the device. This means each document can have specific edit/view/share settings so that when it's accessed on a mobile device it can't be 'saved as' or forwarded to another cloud service, depending on what the settings permit. This way the phone fully understands the corporate policies on the document, helping IT to provide security—even at the file level. This level of device integration with your data allows your company to consider a BYOD or CYOD policy without the need for third-party security solutions—which themselves offer another point of potential failure and risk. By working with your existing desktop OS, email, and other systems, the native Windows Phone OS helps mitigate data loss risk for your pocket office by preventing it in the first place.

Cybercrime: A Growing Threat

Author TonyScurich , 4/1/2016
4

The more heavily your business relies on electronic technology, the greater your vulnerability to cybercriminals.

Criminal activity conducted through the Internet impacts businesses of all sizes. One study found that companies with 100 or fewer employees accounted for 72% of data breaches worldwide. Today's cybercrimes put your grandmothers' spam email list to shame. According to a nationwide study by Ponemon Institute, the median annual cost of cybercrime for a large company in 2011 came to $5.9 million. Cybercrime covers a variety of activities, from malicious codes and hacks in which private client or company information is made public or stolen, to disruption of normal operations. Perpetrators include rogue employees, "hacktivists" seeking to make a political statement, or third parties seeking financial gain. Businesses, such as coffee shops, that allow customers on their premises to use Wi-Fi face unique risks. In one case, a Hollywood producer sued the owner of a restaurant offering Wi-Fi access after a customer used the network to download a film for bootlegging. To help protect your business against potential losses from cybercrime, here are some recommendations:
  1. Review your specific exposures. For example, if you allow people outside the company to use your WiFi, this can increase your exposure.
  2. Focus on the human element in data security by offering employees effective training and specific guidelines.
  3. Re-evaluate your guidelines frequently.
  4. Evaluate the potential risks of adopting new technology.
Last, but not least, make sure that you carry adequate Cyber Liability Insurance. Our agency would be happy to tailor cost-effective coverage to your needs, and help you develop and implement a comprehensive program for managing your exposure to cybercrime.

What’s more secure; financial records locked in a filing cabinet or financial records stored in the cloud?

Author TonyScurich , 1/29/2016
Pop quiz time. What's more secure; financial records locked in a filing cabinet or financial records stored in the cloud? If you don't understand how cloud security works, you probably said the filing cabinet. It's time for a little mythbusting about how secure your paperless office could be. Last week, Cindy Bates posted on the Microsoft SMB Blog about the benefits of a completely paperless office. Like Delta Airlines, who recently switched to the paperless cockpit, it's possible for any office or organization to ditch the dead trees and move entirely into the digital space. One of the first questions decision makers ask when considering the paperless office is "how secure is this?" It's a fair question, so let's consider Delta's paperless cockpit example and overall data security. The problem with paper is that, well, it's paper. Paper gets lost, it burns, it can be misfiled and disappear. It's only as secure as its physical location. If that location is a locked filing cabinet (or a vault under Fort Knox), if someone really wanted to get to it, they could. A file in the cloud cannot burn, be stolen, accidentally left behind in a restroom, or any other number of things that could affect a hard copy of important information. For a recent example, take a look at the Internet Archive, whose scanning facility in San Francisco recently caught fire. Although no data was stored in their San Francisco office, if it had been, cloud redundancies would have prevented any loss. But what about a data center, such as what powers Windows Azure or Office 365? Let's start with physical security: data centers are monitored 24 hours a day, 365 days a year. A team of ninjas could, in theory, break in, but they'd still have to know which of the thousand machines contained your exact data—so unless you've upset the cast of Ocean's 11, it's significantly less likely than an office fire that could destroy physical data. In addition, with Office 365, data transmitted across networks is encrypted—so if some agency (or other villain) happens to tap the wires, they still won't be able to read your files. While a move to a paperless office does not entirely guarantee data security—there are still those ninjas to think about—it is significantly more secure than leaving your information in paper form, where it could be destroyed or stolen with greater ease. It's just one more reason to go paperless.

Mobile security and the ways to mitigate data risk in a BYOD environment

Author TonyScurich , 1/25/2016

Mobile devices are the mighty double-edged swords of today's workplace. On the one hand, they provide greater integration of information, on the other, they could be your business's one-way ticket to a catastrophic security breach. This week we had the amazing opportunity to speak with Anthony Kinney, Microsoft's Verizon Partner Manager, about mobile security and the ways to mitigate data risk in a BYOD environment.

According to Kinney, the three main security risk areas associated with BYOD are:

  1. Data loss prevention, which has to do with securing the data on a device in the case of it being lost or stolen.
  2. Data in transit, which is most often protected by encrypting information to ensure that all communications between the device and backend infrastructure are secure.
  3. Data leakage, which is about keeping a user's work and personal information separate. In other words, "protecting users from themselves."

We asked Kinney what Microsoft is doing to make sure that moving to a pocket office doesn't mean introducing security risk. He discussed how our multilayered approach to security makes adopting a BYOD policy far less of a risk, with solutions like Secure boot technology, remote "wipe" capabilities, and automatic cloud storage (among other security solutions).

What makes the greatest difference, however, are the actions a company takes to ensure that their data is secure. The way Kinney sees it, employees jailbreaking and rooting devices is one of the largest risk factors for companies who allow employees to BYOD. What those companies do is implement third-party services to "containerize the data," so it never actually goes onto the local device.

According to Kinney, Windows Phone solves for this by protecting the data at the data center level before it even gets to the device. This means each document can have specific edit/view/share settings so that when it's accessed on a mobile device it can't be 'saved as' or forwarded to another cloud service, depending on what the settings permit. This way the phone fully understands the corporate policies on the document, helping IT to provide security—even at the file level.

This level of device integration with your data allows your company to consider a BYOD or CYOD policy without the need for third-party security solutions—which themselves offer another point of potential failure and risk. By working with your existing desktop OS, email, and other systems, the native Windows Phone OS helps mitigate data loss risk for your pocket office by preventing it in the first place.


You've Been Hacked! Spread The Word

Author TonyScurich , 12/28/2015

No matter how prepared you are – or believe you are – you can still suffer a cyber-security breach. What you do next can have a profound impact on the reputation of the business, customer loyalty, employee morale, and, ultimately, your bottom line.

An effective communication strategy should follow these guidelines:

  1. Notify key regulatory and legal authorities as soon as possible, unless this might impede a criminal investigation. Even if notification isn’t required by law, it’s an important courtesy.
  2. Make sure that staff roles and responsibilities for communicating the breach are outlined and understood clearly.
  3. Tailor the notification process to the audience – high-value customers, senior employees, or individuals who might particularly vulnerable (such as the elderly, the disabled, and minors) and to the nature of the breach; handle the theft of confidential client information differently than stealing employees' Social Security numbers.
  4. Have legal counsel review the method and content of all communications.
  5. Prepare for media inquiries to deliver a clear message for parties affected directly or indirectly. Be sure that your spokesperson is qualified and trained to deal with the media.
  6. Provide ways for victims of the breach to ask additional questions and/or learn how to minimize potential harm.
  7. Test the plan: If you had to execute it, how well did it work, and how did you update it? Many businesses have discovered holes in their response plans after failing to consider the impact of a cyber security breach on daily operations, or underestimating the attention the event drew.

To learn more about spreading the word after a data breach, please get in touch with us.