Mobile Device Security

Because of all they can offer, smartphones and tablet devices are essential to many professions’ daily operations. However, as use rises, it will become more and more important to ensure that security for these mobile devices is able to adequately protect you from new and existing threats.

The need for proper phone security is no different than the need for a well-protected computer network. Gone are the days when the most sensitive information on an employee’s phone is contact names and numbers. Now a smartphone could grant access to any number of applications, emails and stored passwords. Depending on how your organization uses such devices, unauthorized access to the information on a smartphone or tablet could be just as damaging as a data breach involving a more traditional computer system.

Lost or Stolen Devices

Because of their size and nature of use, mobile devices are at an increased risk of being lost or stolen. Since most devices automatically store passwords in their memory to keep users logged in to email and other applications, having physical possession of the device is one of the easiest ways for unauthorized users to access private information.

To prevent someone from accessing a lost or stolen device, the phone or tablet should be locked with a password. The password should be time sensitive, automatically locking the phone out after a short period of inactivity. Most devices come with such security features built in, which is something you should consider before purchasing. Depending on your cellphone provider, there are also services that allow you to remotely lockdown or erase a device in the event that it is lost or stolen.

Malicious Attacks

Mobile devices have the potential to be just as susceptible to malware and viruses as computers, yet many businesses don’t consider instituting the same type of safeguards. As reliance on these devices continues to grow, so will their attractiveness as potential targets. Third-party applications are especially threatening as a way for malware to install itself onto a device. Employees should never install unauthorized applications to their company devices.

Analyze Threats

Like any potential exposure, the level of risk brought on by mobile devices is based largely on how your company uses them. Conduct a formal risk assessment to see where your biggest risks are. Also establish when to conduct follow-up assessments to account for new exposures created by the ever-advancing state of technology.

Establish a Smartphone Policy

Before issuing smartphones to your employees, establish a device usage policy. Outline what does and does not constitute acceptable use and what actions will be taken if employees violate the policy. It is important that employees understand the security risk inherent to smartphone use and their role in its mitigation. Well informed, responsible users act as an invaluable layer of security protecting mobile devices.

Waivers of Subrogation

The regular review of every contract you sign is a highly important risk management task. This includes a contract’s waiver of subrogation clause.

Subrogation is a basic insurance concept used in insurance contracts. If a loss occurs, it typically happens through someone’s negligence. In general, the negligent or “at fault” party is liable for the cost of the loss; your insurance carrier can then choose to sue the at-fault party to recover the amount of a claim they paid for you in a process known as subrogation. You may not find the term subrogation in your contract, but it may be included—check for the terminology ”Transfer of Rights of Recovery Against Others to Us,” which some insurance policies use in place of subrogation.

When a waiver of subrogation is required in a contract, it means that you are waiving your insurance company’s right to subrogate against another party, most commonly the party you are in under contract with. Most policy contracts, with the exception of workers’ compensation, allow you to waive your rights of subrogation as long as it is done in writing and prior to the loss. Often an endorsement is added specifically referring to the exact contract as a means of clarification. However, there are associated risks:

  • In some jurisdictions, waivers of subrogation are not available. Therefore, a careful review of the state statute is required.  You should also obtain your workers’ compensation carrier’s position and agreement on waivers of subrogation.
  • Waiver of subrogation requirements should be built into a contract. The contract wording should be thoroughly reviewed to ensure the waiver of subrogation is being utilized appropriately for the situation. For example, mutual waivers may be beneficial in landlord/tenant contracts, where all parties waive their rights. However, in construction contracts, mutual waivers may not be acceptable or prudent.

The Value of Waiver of Subrogation Clauses

A waiver of subrogation clause is placed in a contract to minimize lawsuits and claims between the parties. The risk, once assigned to the insurers by the parties, is determined to stop there, without allowing the insurer to seek costs from a third party. This guarantees that if a loss occurs, the owner’s insurer pays the claim and the insurance proceeds can be used to fund the cost of repairs without determining who was at fault. Without a waiver of subrogation, litigation or arbitration is frequently needed to determine whose fault caused a loss, which can lead to long and costly delays.

Reviewing Contracts

It’s important that all contractual language mirrors your policy. As your insurance partner, we are committed to helping you understand how your policy language impacts your contractual risks. Call Tooher-Ferraris Insurance Group today to learn more about how we can assist you in mitigating your contract exposure.

Workers Compensation Insights

The Important of Prompt Claims Reporting

The rising cost of claims presents a significant challenge for employers today. However, there is a simple strategy that can significantly reduce your claims costs: report all claims promptly.

In fact, the sooner a claim is reported, the lower the cost is likely to be. Beyond cost, reporting claims promptly can help avoid unnecessary conflict with insurance companies, ensure a proper investigation, preserve employee morale and maintain compliance.

Minimize Cost

It’s no secret that delayed reporting of claims can add up to unnecessary costs for employers. Studies show that the longer it takes to report a claim, the higher the cost tends to be. For example, the National Council on Compensation Insurance (NCCI) conducted a survey and found that claims costs began to climb significantly after a lag time of just seven days. A reporting lag of 29 days or more after the incident resulted in costs that were 49 percent higher than costs of claims reported within a week.

In addition, by promptly reporting claims, day-to-day operations will be able to return to business as usual much faster, which can also save your company money associated with lost productivity.

Reduce Friction with Insurer

Many policies have reporting requirements, so it is possible that a late claim could void your coverage altogether. When your company delays reporting a claim, the process is much more difficult for a claims adjuster – making it less likely that your company will receive the most advantageous settlement or outcome.

It is also important that the insurer is able to conduct a thorough investigation as soon as possible after the incident. When reporting is delayed, the investigation can be much less conclusive due to faded memories and unpreserved evidence.

Preserve Employee Morale

Certain incidents can be upsetting for employees, and it is important for your company to demonstrate that you take the matter very seriously and care about your employees. Promptly reporting any claim can go a long way toward preserving employee morale and trust in your company.

Maintain Compliance

There are certain types of incidents that need to be reported not only to the insurer, but also to the Occupational Safety and Health Administration (OSHA). When a recordable work-related illness or injury occurs, the employer has seven calendar days to record it on their OSHA log, Form 300.

Contact Tooher Ferraris Insurance Group at 203-834-5900 to assist you in establishing effective claims reporting procedures so you can reduce lag time and protect your bottom line.

Workers Compensation – Claims Process (CT)

Third Party Action-Over Exclusions

Could an exclusion in your commercial general liability (CGL) policy leave your business liable for damages due to an employee’s injury, even though the employee already received workers’ compensation benefits? It may seem like the answer should be a simple “No,” given that workers’ compensation generally limits the remedies an employee can obtain from an employer for a work-related injury. Yet, whenever an employer assumes general liability through a contract with a third-party, the answer could be a very costly “Yes.”

This is because workers’ compensation does not bar injured employees from suing third parties, and it is possible for those lawsuits to circle back from a third party to the employer. These lawsuits are often referred to as “third-party action-over” claims. If an employer’s CGL excludes all coverage for claims involving its employees’ work-related injuries, the employer could end up facing a third-party action-over claim without insurance.

It’s a complicated risk, but understanding the nature of the potential liability and the limits and exclusions of your insurance policies is essential to protecting yourself from this exposure.

Third-party Action-over Claims Explained

In short, a third-party action-over claim occurs when an employee’s lawsuit against a third party rebounds back onto the employer because of that employer’s prior contractual arrangement with the third party. That may sound complicated, but an example can help illustrate the parties involved and the nature of the liability:

  1. A property owner hires a contractor, which has its own employees, to assist in the construction of an office building.
  2. As a provision of the construction contract, the contractor agrees to indemnify the property owner against liabilities that may arise from the contractor’s performance of the work.
  3. An employee of the contractor is injured at the construction job site.
  4. The employee files for, and collects, workers’ compensation from the contractor.
  5. In addition, the employee files a lawsuit against the property owner that alleges negligence for not maintaining a safe work site.
  6. Because the contractor agreed to indemnify the property owner in the construction contract, the property owner shifts its liability for negligence onto the contractor.

It’s important to note that the third party doesn’t have to be a property owner. Any other third party could trigger the action-over claim, as long as the employer (the contractor in the above example) has a contractual agreement with the third party that indemnifies the third party from liability.

In recent years, however, some insurance carriers have attempted to reduce their losses by amending or altering the standard CGL policy. Different carriers have adopted different tactics, but the effect has been the same—to remove the policyholder’s protection from liability in third-party action-over claims.

One provision to watch out for is the absolute employer’s liability exclusion. As its name implies, this excludes the policyholder’s coverage relating to employee injuries, regardless of the circumstances—including third-party action-over claims.

Protecting Your Business

Third-party action-over claims may seem like a convoluted risk, but in the event of another party’s negligence, that risk can become very costly. And for better or worse, there’s little else a business can do other than to make sure it has appropriate coverage.  

Insurance policies can be complicated documents, often filled with exclusions, exceptions and exclusions of the exceptions. That’s why it’s essential to work with a trusted advisor when assessing your business’s exposures and determining the right coverage to match your business’s specific needs.

Contact Tooher-Ferraris Insurance Group today at 203.834.5900 to learn more about your CGL insurance options and to make sure you’re covered.

password security

Commercial Risk Advisor: Top Cyber Threats in 2019

Predicting the Top 5 Cyber Threats in 2019

Hackers will keep exploiting cyber defense trends and new
technology to steal valuable information and cause chaos.
   

As large-scale cyber attacks continue to make headlines on a regular basis, many businesses have started to realize the importance of safeguarding their systems and data. However, hackers will keep exploiting cyber defense trends and new technology to steal valuable information and cause chaos.

Staying aware of developments in cyber security can help your business prepare an effective response plan. Credit reporting agency Experian recently released its 2019 data breach industry forecast, which predicts the five biggest cyber threats for the year:

  1. Biometrics—Device manufacturers like Apple, Google and Samsung have started to use biometric scanners as a more secure form of authentication. But as fingerprint and facial recognition systems become more popular, hackers will start to target servers that store biometric data.
  2. Digital skimming—Criminals have used skimmers to steal credit card information for decades, but hackers are looking at a digital version of this crime that can target e-commerce websites.
  3. Wireless carriersRecent security tests have found that hackers can infiltrate the signaling platform that allows wireless carriers to connect to each other. As a result, hackers may be able to start a large-scale attack on a motor carrier and remotely access data on smartphones.
  4. Cloud vendors—Hackers have targeted cloud computing systems before, but mostly focus on individual businesses instead of the service providers. If a large cloud vendor is attacked, it could expose data from thousands of businesses that assumed their data was safe.
  5. Gaming—Nearly a quarter of the world’s population play games, according to Experian. And since games require downloading third-party software and setting up anonymous accounts, hackers can easily infiltrate systems to install malware or steal financial information.
winter

Personal Lines: Life, Auto, & Home Insights

LIFE – Home Care for Cold and Flu Season

Cold and flu season is upon us, and many people will begin experiencing symptoms like sore throats, runny noses, coughs, fevers or muscle aches. While a trip to the doctor is important and can help you recover quickly, there are a number of supplemental home care strategies that can help you further recuperate.

Continue reading “Personal Lines: Life, Auto, & Home Insights”