Office 365 phishing: the latest scams your employees need to know about

/in /by

StrategyDriven Risk Management Article |Office 365 Phishing|Office 365 phishing: the latest scams your employees need to know aboutMicrosoft’s Office 365 is often targeted by scammers and cybercriminals. This is a major problem, as Office 365 is one of the most widely used software suites by businesses around the world – undoubtedly part of the reason that it is so often under attack.

Despite the fact that the UK’s National Cyber Security Centre (NCSC) has made a concerted effort to implore system admins to implement stronger cybersecurity practice, Office 365 is still exceptionally vulnerable. In fact, there is damning evidence from Microsoft itself about the security practice of its users.

Through a security dashboard available to Office 365 administrators, users are given a ‘security score’ to indicate the strength of their defences and security processes. The maximum score is 707, and yet the average Office 365 score is just 37.

Businesses using Office 365 need to ensure that they are taking their cybersecurity extremely seriously. One of the most important ways of doing this is to provide your employees with as much information on the types of attacks they can face as possible. Some of the most common scams are phishing schemes – and these can take many forms.

Some of the Office 365 scams to look out for

Cybercriminals use a wide variety of tricks in attempting to compromise users – this can involve impersonating Microsoft or other well-known businesses. While there is an almost unlimited variation in the types of scams, some of the most widely seen include the following

  • Fake meeting requests – this type of phishing scam sends messages that spoof the name and email address of a senior executive and asks the users to reschedule a meeting, by taking part in a poll to choose the new date and time. When a user clicks on the link, they are presented with what appears to be an Office 365 login page but it is in fact a phishing site.
  • Employee pay rises – this scam uses the bait of a pay rise to convince employees to give up their Office 365 login credentials. The email contains a link to an apparent spreadsheet containing details of an employee salary increase – however, the link takes the user to a phishing site that looks like the Office 365 login page. This scam is especially effective because the login page displays the user’s email address prominently.
  • Voicemail scams – this scam makes use of a genuine audio recording that requests employees allow Microsoft access to their Office 365 account, along with an almost identical login page that actually harvests the victim’s details.
  • Content scams – it is also possible for criminals to utilise Microsoft Sway – a genuine presentation software – to create a spoofed site. This looks genuine and even experienced and knowledgeable users have been tricked into entering their details. The fact that the phishing email contains a link to a genuine Microsoft product makes it very difficult to spot this form of cybercrime.
  • Conversation hijacking – this scam sees phishers infiltrate a genuine email account using previously compromised credentials, and then insert themselves into a conversion – essentially taking on the persona of the account that they have gained access to. When another employee gets an email from this ‘trusted’ colleague, they will happily click on the links they contain, which takes them through to a spoofed site.

Admins are targeted too

It is not just general employees who are targeted with phishing scams. IT administrators are singled out by cybercriminals, as their accounts typically have greater privileges and access to more company data. With access to an admin account, criminals can carry out extremely effective attacks against other members of the organisation by creating new accounts.

Administrators in Office 365 typically have access to all of the email accounts on the domain, which may allow cybercriminals to take over those accounts or retrieve emails from them.

How to improve your Office 365 security

Of course, improving employee knowledge is a vital way to reduce the effectiveness of phishing attacks. But it is also important to take a multi-layered approach to Office 365 security and put additional defences in place in order to mitigate the potential damage of an attack.

There are various steps that businesses can take such as enforce multi-factor authentication as a part of account access, as well as ensuring that administrators have a separate account for day-to-day access and only use the admin account when necessary.

It is almost important to invest in proactive monitoring of your network in order to detect any malware or unusual activity. The earlier that any suspicious activity is detected, the sooner it can be acted upon. This reduces the window of opportunity for a cybercriminal to achieve his or her intended goal.

4 Types of Insurance for Cannabis Companies: Do You Know the Hidden Traps of the Industry?

/in /by

StrategyDriven Risk Management Article |Insurance for Cannabis Companies|4 Types of Insurance for Cannabis Companies: Do You Know the Hidden Traps of the Industry?The marijuana industry is coming of age. Recreational use is legal in 12 states, while some medicinal form of cannabis is legal in 33 states plus the District of Columbia. From growing the plants to packaging the final product, there are many steps along the way where things can go wrong. Every business owner needs an emergency plan. An excellent way to start is by having the right types of insurance for their company. And a marijuana entrepreneur is no exception. There are four types of insurance necessary to protect the hefty investment in cannabis operations when problems crop up. These are product liability, general liability, crop, and cyber insurance.

How Easy Is It To Find Marijuana Insurance?

Not all insurance companies sell policies to marijuana dispensaries, retail stores, and landlords who house marijuana-related businesses or grow operations. Many insurance for cannabis companies find it too risky since marijuana remains illegal at the federal level. Coverage limits are often low since reinsurers are challenging to find. Carriers typically prefer to work with agencies well-schooled in the laws and operations used within the rapidly growing cannabis businesses.

However, the industry is rapidly growing. With $8 billion in legal sales in 2017 and an estimated $42 billion in illegal sales that same year, insurance companies expect continued increases in the legal market as more states change their laws. The market demands coverage and more insurance companies interested in entering the market. To sum up, it is possible to find insurance policies, but the agency selling the insurance should be well-versed in the unique needs of marijuana businesses and ready to do a proper assessment.

Marijuana Product Liability Insurance

A business must make sure that the product they sell or manufacture is safe for consumers. Unfortunately, even in the best-run system, faulty merchandise may be sold. If a customer is injured by any of the products sold or dispensed, it may be held responsible for that injury. This type of insurance protects the business from potentially ruinous costs. It is particularly crucial if edible products are made onsite and sold. Food poisoning is a potential claim.

Remember that product liability insurance will not cover any work-related injuries suffered by employees involved in the sale or manufacture of goods. It’s important to note that any labels affixed to marijuana or related products must list any warnings. Failing to appropriately label can lead to a claim if an injury happened because the information was not available. Keep in mind that most complaints are made against the manufacturer, but some target the retailer.

Marijuana General Liability Insurance

General liability insurance protects businesses in a variety of ways. If someone slipped and fell, that injury would be covered. Claims against small businesses are more common than many might expect. Most company’s deal with at least one claim every ten years. While that may not seem like much, the average cost of a claim is $35,000. Without coverage, those dollars would have to be paid directly out of company funds. Claims also cover advertising and third-party damages. Legal fees are covered by this insurance, as is any settlement.

General liability insurance for a marijuana business is not much different from the standard policy issued to other companies. However, a knowledgeable broker should be consulted to ensure that no special types of liability can be assigned due to the nature of the business. Since it covers the operational end, it is vital that all safety standards be in place within the workplace. Workers must be trained in safety measures to stay in compliance. Since many growers add additional labor during harvest, these policies can often be expanded to cover their work time.

Marijuana Crop Insurance

Growers may find crop insurance tough to purchase. The crop insurance typically bought by farmers is subsidized by the federal government. Since cannabis remains illegal at the national level, this type of subsidy is not available to grow operations. It shields growers from plant loss due to weather events, such as floods, hail, or drought. Drops in crop yield or a sudden decrease in price may be protected with these policies. The cost of the insurance coverage for greenhouses will depend upon the volume grown and if the crop was planted in the open air or within a greenhouse.

Marijuana growers can cover their seeds, seedlings, and fully mature plants ready for harvest. It also includes the curing process, the time spent hanging to dry, and the product that is ready to ship. In many areas of the nation, fires have become severe. These fires have affected marijuana grow sites. It is especially important to carry crop insurance when growing in regions with massive wildfires.

Cyber Insurance

Cybercrime is on the rise all over the world, and businesses must protect their private information as well as protected information received from customers. Customers share their personal credit card information and may share their medical information at dispensaries. Cyber insurance for marijuana-based industries can be cumbersome to obtain since very few carriers offer cyber insurance policies. That’s because the situation is so volatile when it comes to hackers that the risks have not yet been properly assessed.

Evaluating an individual business requires that essential questions be asked. Is it a cash-only business? If this is the case, customer credit card information will not be collected. Is medical information collected? Is sensitive employee data stored online? To get a better rate, a solid plan of protection such as a firewall to protect data stored on computers should be installed. If a business is hacked, the ensuing expenses will be covered by the policy.

The marijuana business has grown. There is no doubt about that. And its infrastructure is expensive. Without insurance, owners place themselves in a position of losing everything if an accident occurs or a freak of nature leaves them without any product. Having product liability, general liability, crop, and cyber insurance is a good starting point to fully protect growers, retailers, landlords, and dispensaries. In the past, insurance was not available. However, with marijuana industry growth, more and better coverage can be had.

How to Create a Safe Working Environment

/in /by

StrategyDriven Risk Management Article |Safe working environment |How to Create a Safe Working EnvironmentAll employers have to provide their employees with a safe working environment. Failing to care for the health and wellbeing of your staff can lead to workplace accidents and injuries, which will harm productivity and affect your bottom line over time. It is also likely to impact employee engagement and result in low levels of satisfaction in the workplace. Health and safety should, therefore, be a top priority for all businesses. With that in mind, here are some suggestions on how to create a safe working environment:

Identify potential workplace hazards

All workplaces have some potential health risks. This includes physical hazards such as trips and falls, along with ergonomic hazards, including musculoskeletal injuries caused by poor posture. Some working environments may also have additional risks, such as biological and chemical hazards. Employers have a legal responsibility to identify potential workplace hazards and take reasonable steps to control the risk. Managers should carry out a regular risk assessment and look at work activities to determine what hazards are present in the workplace. They should then decide what control measures should be implemented to help minimize the risk of damage or injury. There is an excellent variety of resources providing guidance on how to carry out an assessment in the workplace.

Offer quality employee training

Employees must receive training on health and safety and be educated on the best practices to follow in the workplace. Making your staff aware of potential hazards will help them avoid accidents and injuries in the workplace. For instance, your team should be trained on how to safely lift and move heavy items and how to operate work machinery correctly. Ideally, you should provide regular training sessions on health and safety and enforce strict safety regulations in the workplace to help protect your staff. You can encourage employees to follow safety compliance by implementing clear policies and placing visual signs around your workplace that remind employees of the rules in place.

Provide the right equipment

Employees should always be provided with any equipment needed to complete their work activities safely and effectively. Failing to provide the right equipment will harm workplace productivity and may contribute to accidents and injuries in the workplace. For that reason, it is worth investing in reliable, high-quality tools and equipment. Employees must also be provided with uniforms and protective equipment, particularly if they are working in a high-risk environment such as construction. For example, staff will require shielding solutions like lead-free radiation shielding if their job role requires them to come into contact with radiation. Employers should complete a risk assessment to identify what tools and equipment their staff need to carry out their work tasks safely.

Conclusion

Every employee deserves to work in a safe environment, and employers should take steps to protect the health and wellbeing of their teams. Fortunately, there are plenty of simple ways to maintain a safe and positive working environment for your employees. Use the above tips to boost safety levels in your workplace today!

Figuring Out the Best Way to Get Your Business Insured

/in /by

StrategyDriven Risk Management Article | Figuring Out the Best Way to Get Your Business Insured

40 percent of businesses don’t reopen after a disaster. That’s the bad news.

The worst news? We’re in the middle of a disaster. The COVID-19 pandemic is taking the economy to the cleaners and leaving many small businesses on their death bed.

The good news? As a business owner, there are steps you can take to protect your business from foreseen and unforeseen disasters. One such step is to purchase adequate commercial insurance.

This sounds easy and straightforward, but it’s not. You must find out the best way to get your business insured; otherwise, you could end up underinsuring or even over-insuring your company.

Continue reading to learn how to go about insuring your business.

Identify and Assess Your Risks

Every business faces a wide range of risks.

Some risks affect all kinds of businesses regardless of their industry or niche, and others only affect certain types of businesses. For example, owners of medical practices face malpractice risk. Restaurants don’t face this kind of risk.

However, both businesses do face a fire risk. An electric fault can result in a fire that razes down the buildings that house both businesses.

As such, the first step to insuring your business adequately is to identify all the risks it faces. You can do this on your own or you can hire a risk assessment professional to help you.

If you’re hiring a professional, ensure they’ve got enough industry-specific experience. If you own a logging business, for example, an industry risk specialist is in a better position to identify logging insurance risks than a risk pro who specializes in the retail industry.

After identifying all your risks, assess their threat-level. Which risks pose a more imminent threat? Which ones are less likely to affect your business?

Next, what amount of damage is every risk likely to cause?

With a proper risk assessment, you’ll know the amount of coverage you need to protect your business.

Determine the Kind of Insurance Policies You Need

Wouldn’t it be awesome if insurance policies offered a blanket policy that covers all the risks your business faces?

Well, some large insurance companies offer customized policies, but it would rarely be a blanket policy. Also, there’s the general liability insurance policy that covers most of the risks your business faces, but it’s barely adequate on its own.

Yet, a common mistake small business owners make is purchasing general liability insurance and stopping there. Don’t make this mistake.

There are several other types of business insurance policies you should buy, depending on the nature of your business. Here are some of those policies:

Property Insurance

If you run a brick and mortar store and you own the building, purchase property insurance.

Your building faces a number of risks that can result in extensive damage. Fires and natural disasters, such as floods and windstorms, can destroy the building, forcing you to abandon it until repairs are made.

A property insurance cover will compensate you for the damage and other losses.

If you run a home-based business, you might want to add on to your homeowners’ insurance policy, so that it covers your commercial activities as well.

Business Interruption Insurance

You don’t need to look beyond the coronavirus to see how a disaster can disrupt your business operations.

During such times, business interruption insurance is your ally. Depending on the terms of coverage, the insurer should compensate you for the losses you make during the interruption period.

Workers’ Compensation Insurance

Do you have more than 3 employees?

In most states, that’s the requirement for purchasing workers’ compensation insurance. When an employee gets injured on the job, you won’t worry about compensating them for their medical expenses and other losses. Your workers’ comp provider will do that.

Cybersecurity Insurance

If your business has digitized some or all of its operations, it’s imperative to buy cybersecurity insurance.

43 percent of online attacks now target small businesses like yours, which means your risk level is high. A cybersecurity insurance policy will protect your business from the effects of an attack, including business interruption and data loss.

Other types of insurance you might need include product liability insurance and commercial vehicle insurance.

Find the Best Insurance Provider

You’ve probably heard horror stories of insurance companies that refuse to settle claims. If you don’t do your homework when looking for an insurance provider, you might end up telling such stories.

You want to work with a legitimate, reputable insurance company.

Read up online reviews about a specific insurance carrier before giving them your money. What are past and current clients saying about their service quality? Do they take forever to settle valid claims?

Also, you want to work with an insurance company that provides most, if not all, of the insurance policies your business needs. This way, you’ll be in a better position to negotiate for discounts when renewing your policies.

Consider Self-Insurance

Large corporations don’t typically purchase insurance from other companies. They self-insure, simply because they can afford to cover their risks from their deep wallets.

Self-insurance isn’t just for big companies, though. Even small businesses can develop a self-insurance plan, as long as you know how to go about it.

One effective way is to set up a captive insurance company. This is just like any other insurance firm, only that it is wholly owned by your parent business. You have complete control over its operations.

Get Your Business Insured the Right Way

Getting your business insured adequately can be a costly task, especially if you’re a small business running on a tight budget. However, it’s the right thing to do. Even a minor disaster can bring your business to its knees when you don’t have insurance.

With this guide, you now have the information you need to insure your business the right way.

Keep reading our blog for more business tips and advice.

Is hiring an attorney is necessary after a car accident?

/in /by

StrategyDriven Risk Management Article |Car Accident|Is hiring an attorney is necessary after a car accident?Car accidents are the most distressing thing that could happen to a person. A minor mistake can cause severe injuries and irreparable harm. It may also cause various damages and inconveniences. In case of a car accident, you might think that it’s not a big problem and you can deal with it by yourself, or you can go now to an expert’s website and see the many reasons to hire an expert attorney who could help you in solving the issues related to the car accident.

What is the right time to hire an attorney?

If you got a car accident in Texas or any other State, don’t feel that you are unlucky because there are several car accidents reported. According to research in 2015, more than 151,000 car accidents happened in Texas, resulting in about 23,000 injured and more than 600 people lost their lives. Some of the car accidents were more worsen as compared to others but most of the victims think that their insurance company will help them and pay for the valid claim. Unluckily, this doesn’t happen in all cases.

The insurance company would try to find conflict because they are working for making money. The main motive of the insurance company and its representatives is to solve the issue at a minimum amount of compensation. You can consider their motive improper or contradictory. If they pay a huge compensation amount to every victim, they can’t do their business in profit. The insurance company doesn’t take your interest into their priority list, therefore it doesn’t offer a fair and full settlement amount unless you have an expert lawyer for your case who will protect your right vigorously. All the help you need on your Truck accident case is here at bendominguez.com

The insurance company can do two things to undermine your claim. Firstly, their representative will try to make you plead guilty to the accident so that they can reject or lessen your claim. This is one of the main reasons to avoid insurance agents or testify without consulting your attorney. Another thing is that the insurance company will try to make you agree on a quick settlement amount which is less than your case costs.

Why it is best to hire a Texas Car Accident Attorney?

Although Texas is a state where the ratio of car accidents is very low, if you don’t understand the State laws about compensation, a car accident could be a difficult case for you. There are various deadlines for filing a personal injury and property damage claims, as well as rules for guilt. The Texas Department of Insurance says that you can file a health or personal injury claim under the following conditions:

  • Medical expenses more than $1000 due to the injuries
  • Any bone fractured
  • Permanent injury or permanent disfigurement
  • Death

When you face a car accident, the period after the incident is probably full of anger and uncertainty. You not only need medical care, but you also suffer the loss of work and you have to pay the cost of repairing your vehicle. Here are some other reasons to hire a Houston car accident lawyer, San Antonio car accident lawyer, or Kansas City car accident lawyer earlier:

  • An expert attorney has complete knowledge of the law. Your car accident lawyer will have the intimate knowledge of the Texas laws and rules that pertain to your case. This is the main advantage of hiring an attorney because this is the reason your insurance company uses to undermine your claim.
  • An attorney will help you with your work. Filing a lawsuit and settling an insurance claim needs a lot of work to be done, particularly if you have been injured. Your attorney’s legal team can help you in collecting all the necessary documents for your case as well as file the proper paperwork for any necessary court appearance.
  • A professional Lawyer. If a lawsuit becomes compulsory, your lawyer will negotiate with the insurance company and will also represent you before the judge and jury.

Look at a personal injury attorney whom you can trust

However, choosing a personal injury car accident lawyer is a personal choice, although, a small accident can result in a serious financial loss that will all the conditions to file a lawsuit, and you cannot depend on the insurance company to do something for you. Hiring an expert attorney will give you relaxation from a stressful situation.