Portable data drives have become a popular way to save, store and share data because they are small and very convenient. They are available at most retailers and smaller ones, like USB thumb drives, are often given away as promotional items by many companies. Download the attached PDF to learn more.
Ensuring that your restaurant is clean and serves fresh, safe food to patrons is your greatest responsibility; health inspections are a way for you to learn how to best uphold this responsibility. To observe you when you are running operations as you normally would, inspectors often make impromptu inspections. Many inspections are performed during the frenzy of mealtimes so inspectors can have an accurate view of how food is regularly prepared at your facility. Download the attached PDF to learn several ways you can effectively prepare your restaurant to make the best of these inspections.
There are several federal laws applicable to typical drug and/or alcohol testing policies which a company must adhere to:
Drug-Free Workplace Act of 1988
This Act applies to employers and contractors entering into contracts with the government in excess of $100,000 and requires that they maintain a drug-free workplace. Though this Act does not require drug testing, there are several provisions that employers must follow, download the attached PDF to learn more.
Whether your business is a Fortune 500 company or a one-man show, data security needs to be a top priority. Small and medium-sized businesses are becoming more frequent victims of data breaches, whether through their own negligence or the efforts of a malicious attack. Download the attachment to learn how protect yourself and your clients’ personal information.
Mounting or dismounting a large truck or piece of equipment without hurting yourself seems simple, but many accidents involve this type of injury. The best way to prevent falling while getting into or out of a truck, tractor cab or heavy equipment is to follow the three-point contact system. Download the attached PDF’s to learn how to protect yourself. Available in English and Spanish.
Congratulations to C-Con General Contracting on earning First Place in the 2016 Washington Business Journals “Best Places to Work – Small Company” rankings!
Shawn Clark built C-Con General Contracting with an “Ocean’s 11”-style push to find the best people he’d worked with in other jobs — and when he builds sandcastles at the beach with those staffers’ kids, he’s reminded of the culture he’s built.
Erie Insurance is a strong yet under-the-radar choice in auto insurance. It operates in only 12 states and Washington, D.C., and doesn’t advertise. Instead, Erie lets its customers spread the word about its service and policy options. Although it is best known for its auto insurance, Erie also offers other products, including life insurance and home insurance, as well as coverage for renters and landlords, umbrella coverage, boat insurance and annuities. To read more, follow this link.
Don’t miss the upcoming COSS Classes with SEE, Inc. Find out more about COSS Training Events.
Cyber Risks and Liabilities
“Phishing,” a type of cyber attack in which a hacker disguises him- or herself as a trusted source online in order to acquire sensitive information, is a common and technologically simple scam that can put your employees and business at risk. However, more resourceful criminals are resorting to a modified and more sophisticated technique called “spear phishing,” in which they use personal information to pose as colleagues or other sources specific to individuals or businesses.
A spear phishing attack is often disguised as a message from a close friend or business partner and is more convincing than a normal phishing attempt; when messages contain personal information, they are much more difficult to identify as malicious.
For businesses, the potential risk of spear phishing is monumental. A report released by the Internet Crime Complaint Center (IC3) stated that there were over 120,000 cyber crime-related complaints against businesses last year, resulting in over $800 million lost. A large majority of these attacks can be attributed to spear phishing, since the messages are designed and customized to make victims feel safe and secure.
The Basics of Spear Phishing
Any personal information that is posted online can potentially be used as bait in a spear phishing attack. The more a criminal learns about a potential victim, the more trustworthy he or she will seem during an attack. Once the apparent source gains the victim’s trust, and there is information within the message that supports the message’s validity, the hacker will usually make a reasonable request, such as following a URL link, supplying usernames and/or passwords, or opening an attachment.
Even if spear phishing perpetrators target just one of your employees, it can put your entire business at risk.
Falling for a spear phishing attack can give a hacker access to personal and financial information across an entire network. And, successful spear phishing attacks oftentimes go unnoticed, which increases the risk of large and continued losses.
How to Protect Your Business
Though it is difficult to completely avoid the risk that spear phishing attacks pose, there are ways to prevent further damage to your business. Make sure that your employees are aware of these simple techniques:
- Never send financial or personal information electronically, even if you know the recipient well. It may be possible for a third party to intercept this information, especially if the recipient is later subject to a spear phishing attack.
- Be cautious when you are asked to divulge personal information in an email. Even if it appears to be from a trusted source, it could be a hacker impersonating another person or group.
- Only share personal information on secure websites or over the phone. When in a Web browser, you can ensure a website is secure when you see a lock icon in the URL bar, or when an “s” is present in the “https” of a URL. The “s” stands for “secure” at the end of the normal “http”.
- Some spear-phishing schemes use telephone numbers, so be sure to never share information over the phone unless you initiate the call to a trusted number.
- Never click on links or open attachments from unknown sources. Even opening a file that seems familiar can give a spear phishing attacker access to personal information stored on your device.
- Ensure that your company’s security software is up to date. Firewalls and anti-virus software can help protect against spear phishing attacks.
- Encourage employees to think twice about what they post online. Spear phishing hackers often attain personal information through social media sites. Make sure that employees know how to keep this information private to protect their own security as well as that of your business.
- Regularly check all online accounts and bank statements to ensure that no one has accessed them without authorization.
- Never enter any personal or financial information into a pop-up window or a Web browser.
What to Do If You Suspect a Spear Phishing Attack
If you believe that your business has been the target of a spear phishing attack, it is important to act quickly to limit your potential losses. The first step should be to immediately change the passwords of any accounts connected to the personal or financial information of your business or its clients, and to obtain a list of recent and pending transactions. It may also be necessary to contact law enforcement.
Next, an internal or third-party IT expert should consulted to pinpoint any vulnerabilities that remain in your business’ network, and he or she can advise you on how to avoid future attacks.
If you have further questions about spear phishing or other types of cyber attacks, or if you would like to discuss potential coverage options to further protect your business, contact Preferred Insurance Services, Inc. today.
Download the PDF to share with others.