There are probably laptops out there that are physically worth a million dollars or more. However, I am referring to the laptop with valuable data on it that can be worth millions to a thief. Do you take a laptop with you regularly on business and travel? If you are a business owner, what's your policy on securing sensitive company and client data on yours and staff's equipment? The information on your employee's laptop could be very valuable to identity thieves or someone willing to sell the information to say a competitor.
We are in the middle of the information era. Businesses are relying on computer systems to store, share and process almost every transaction imaginable. Even if you are not in the financial sector and think you are not at risk for data theft or network security, here are some questions to ask:
- Do we collect client social security addresses, dates of birth, driver's license numbers, home addresses, email addresses, or any other information that could be deemed sensitive?
- Do our employees have access to sensitive information remotely?
- Do employees use their smart phones for business? Are we able to do a remote wipe of information should their devices be stolen or disappear?
- Do we have adequate company policies and procedures in place relating to accessing information?
- Do we physically or digitally shred documents that possess this sensitive information when we are done with them?
We are seeing more and more companies requiring our clients to have Network Security and Privacy Insurance. This coverage is designed to cover a data breach after the loss of information and can protect an insured from the loss of information and the clean up involved even if no breach occurs. Did you know it can cost thousands of dollars to notify individuals of a data breach where they could be at risk? In most states you are required to physically mail notification of the data breach to those affected. Some businesses go further and offer credit score reporting to affected parties so they can be sure their credit and or identity were not compromised. Let's say your employee lost a laptop with 5,000 client names and social security numbers (or some other private information). The cost to mail would be in the $3,000 range alone not considering the time involved. If credit reporting was mandatory of offered it could be an additional $125,000!
Whether you are required to carry Network Security and Privacy Insurance or not, it may be time to consider adding it to your coverage portfolio. Every business seems to have some exposure to data compromise. Your laptop may not look like a million dollars, but you would be surprised of it's true value... Please consult with us if you have any questions on this or other risk that your business faces.