The Essential Guide To Password Managers

Passwords – it’s a topic that gets discussed a lot, but surprisingly, many people still don’t use effective methods to manage their passwords.

A Common Mistake: The Post-It Note Dilemma

Let me tell you about an experience I had recently. I was at a client’s office, helping him complete an application that required access to his bank account. He turned around, grabbed a yellow Post-It note from his credenza, and handed it to me. I was taken aback. He had his banking password scribbled on that little piece of paper!

I didn’t say anything at first; we completed the application without a hitch. But before I left, I couldn’t help but bring it up. “You know,” I said, “there’s a much better way to keep track of your passwords.” He shrugged it off, saying it was no big deal and that he only wrote down the passwords he used the most.

The Risks of Traditional Password Storage

Storing passwords on Post-It notes or in a notebook in your desk might seem harmless, but it’s fraught with risks:

  • Easy Access for Intruders: Anyone who gains access to your office can easily find your passwords.
  • Loss or Damage: A Post-It note can fall off, get thrown away, or simply be misplaced, leaving you locked out of your accounts.
  • Lack of Security: Physical notes don’t offer any encryption or security features, making it easy for anyone to steal your information.

The Solution: Password Managers

That’s where password managers come in. A password manager is a digital tool that securely stores and organizes your passwords. Here’s why you should consider using one:

Benefits of Password Managers

  1. Security: Password managers use strong encryption to keep your passwords safe.
  2. Convenience: You only need to remember one master password to access all your accounts.
  3. Password Generation: Many password managers can generate strong, unique passwords for each of your accounts.
  4. Accessibility: Access your passwords from any device, anywhere.

How It Works

You enter all your accounts and passwords into the password manager, and it keeps them securely stored. The best part? It can create complex passwords for you, significantly enhancing your security. All you need to remember is one master password, and the password manager does the rest.

My Personal Experience

I use a password manager myself, and it has been a game-changer. No more scribbling passwords on sticky notes or worrying about losing access to my accounts. It’s a great tool, and I genuinely believe everyone should look into it.

So, if you’re still using Post-It notes or notebooks to store your passwords, it’s time to make a change. A password manager is a small investment for a huge payoff in security and peace of mind.

Stay safe online, and remember, I’m Don Ivol, your insurance guy.

Personally Identifiable Information (PII) and Its Importance In Protecting Small Firms

In today’s digital age, protecting Personally Identifiable Information (PII) is not just a necessity for large corporations but a critical task for small firms as well. The rise in cyber threats has made PII protection paramount for businesses of all sizes. But what exactly is PII, and why is it so crucial for small firms to safeguard it?

Understanding PII

PII refers to any data that can be used to identify a specific individual. This includes names, addresses, phone numbers, social security numbers, and more. For small firms, this information is often collected from customers, employees, and even business partners. The protection of this data is essential in maintaining trust and ensuring compliance with various regulations.

The Growing Threat of Cyber Attacks

Cyber threats are becoming increasingly sophisticated, and small firms are not immune. In fact, small businesses are often seen as easy targets by cybercriminals due to their sometimes lax security measures. A single breach can lead to significant financial loss, legal repercussions, and a damaged reputation.

Why PII Protection is Crucial for Small Firms

  1. Trust and Reputation: Customers trust businesses with their personal information. A breach can shatter this trust and damage the firm’s reputation.
  2. Compliance: Various regulations require businesses to protect PII. Non-compliance can result in hefty fines and legal issues.
  3. Financial Protection: Data breaches can be costly. Protecting PII helps prevent financial losses associated with cyber attacks.

Engaging and Informative Resources

To illustrate the importance of PII protection, we’ve created a video featuring “Don I, Your Insurance Guy!” Don breaks down complex insurance topics into simple, easy-to-understand segments, making it clear why PII protection is a must for small firms.

Don’s engaging explanations and real-world examples will help you understand the critical steps needed to protect your business from cyber threats.

In summary, PII protection is not just a regulatory requirement but a business imperative. By taking proactive steps to safeguard personal data, small firms can prevent cyber attacks, maintain customer trust, and ensure long-term success. Stay informed, stay protected, and ensure that your business is a fortress against cyber threats.

For more information and detailed guidance, contact us today! Protecting PII is an ongoing effort, and staying vigilant is the key to safeguarding your small firm.

Protect Your Investment: The Importance of Cyber Insurance

The Realities of Cyber Threats

In today’s digital age, the threat of cyber theft and wire transfer fraud is more prevalent than ever. As we navigate through significant life events, such as buying a new home, it’s crucial to ensure that all aspects of the transaction are secure. This includes verifying that your wire transfers are protected by cyber insurance.

A Personal Experience from Don I.

Recently, my wife and I made the exciting decision to purchase a new home. Sitting at the closing table, a day that should have been filled with joy and celebration, I found myself distracted by a nagging concern: Does this transaction have cyber insurance coverage for wire transfers?

My wife noticed my unease and asked what was wrong. I expressed my concern to her and then to the closer, asking, “Do you have cyber insurance that covers wire transfers?” To my surprise, the closer didn’t know and had to check with a supervisor. Fortunately, they returned with confirmation that the insurance was in place, allowing me to relax and enjoy the moment.

Why Cyber Insurance Matters

The experience highlighted the importance of cyber insurance, especially in protecting against wire transfer fraud. Cyber threats are not just a distant possibility; they are real and can strike at any time, potentially turning a joyful occasion into a stressful ordeal.

Assess and Update Your Policies

Given the evolving nature of cyber threats, it’s essential to regularly assess and update your insurance policies. Here are some steps to ensure you’re adequately protected:

  1. Review Your Current Coverage: Make sure to understand the specifics of your current policy. Does it cover cyber threats, including wire transfer fraud?
  2. Ask Questions: Don’t hesitate to ask your insurance provider detailed questions about your coverage. If they can’t give you a clear answer, consider seeking a second opinion.
  3. Stay Informed: Keep yourself updated on the latest trends in cyber threats and how they can impact your financial transactions and personal information.
  4. Consult an Expert: An experienced insurance agent, like myself, can help you navigate the complexities of cyber insurance and ensure you have the right protection in place.

Final Thoughts

Buying a new home should be one of the happiest days of your life. Don’t let concerns about cyber threats dampen your joy. Take proactive steps to ensure your transactions are secure and covered by appropriate insurance.

Have any questions about the topic discussed in this article?

Contact us today at 412.563.2106 to discuss your insurance needs and ensure you’re protected against cyber threats. Remember, I’m Don I., your insurance guy, always here to help you safeguard your most valuable assets.

Spring Check-Up: Assessing Your Insurance Policy This Season

Spring will be here soon and usually during spring we do what is called spring clean ups or check up.  We look at the lawn mower, the weed whacker and car wash stuff all because Spring is a new start. 

In my world, the same holds true for insurance.  I like to review my policies and make sure I have what I think I have and make any tweaks that I feel are necessary to be properly insured. 

Knowing that most people renew or purchase a policy and stuff it away somewhere for the year, the spring check up might be a good idea for you.  Things I look at during my check up and you should too are:

1. Limits: are they sufficient?  Will there be enough there to protect you in the event of a claim.  Make sure you review both the per claim limit and the aggregate limit.  Aggregate being the total amount available during the policy year.

2. Deductible:  Are you comfortable with the current amount?  Will you be able to pay it when it comes time?  On paper 5 or 10k might not seem like a lot of money but during a claim sometimes money can be a little tight.  

3.  Defense costs:  How are they handled?  Are defense costs/cost of defense  included in your limits of liability or are they in addition to your limits?  If you carry lower limits, say 100k and your defense costs are included in that limit it may not take very long to go through the limit before the case is resolved.

4. Insureds: Make sure you know who actually is insured on your policy – you, your staff, independent contractors, of counsels, former employees.  It always good to know who is covered and who is not

5. Prior acts: Check and make sure that your prior acts coverage is correct.  We all know that claims can and usually do stem from professional services we performed prior to the start of your current policy period.  Make sure your policy contains prior acts coverage.

6. Effective date. Make sure your policy is current and that you didn’t miss the renewal date.  Sounds stupid but it does happen.  People just forget to renew or just put it off until it is too late.

So before you start to cut your grass or use the weed whacker make sure you have a new spark plug in place and give your LPL policy a check up too.  

Unveiling the Risks: How the ‘Of Counsel’ Title Can Impact Your Insurance Coverage

Titles in business are considered very important: President, CEO, VP etc……law firms the same thing…Partner, senior partner, member, associates.  But did you know there is one title in a law firm that can cause confusion and sometimes affect insurance coverage?  The title OF COUNSEL. 

I’ve been told, ask 10 lawyers the definition of OF Counsel and you’ll get 10 different answers.  At some point, we can discuss and try to narrow down a more specific definition of what an OF Counsel is but today I want to point out how the term OF COUNSEL may affect your legal malpractice insurance coverage at retirement.

Most policies provide what is called a free retirement tail endorsement when an attorney from the firm retires.  Usually there are a few requirements that must be met in order to qualify for that free tail.  On some policies OF COUNSEL attorneys are not eligible for the free tail strictly because they are titled OF COUNSEL.  This usually is not an issue for a solo but for firms with 2 or more attorneys it can cause great concern.

I have seen instances where firms with 3 or 4 attorneys give the title OF COUNSEL to the founding member of the firm with no consideration of how this could affect the founding members coverage, his or her estates coverage or the retiring attorneys financial position during retirement.  Usually the change to OF COUNSEL is a result of the attorney working less hours and nothing more.  In this case it seems a shame for the attorney to lose coverage and in some cases not be able to get back because of working less time?  

So before changing anyone’s “title” to OF COUNSEL and printing new letterhead check your legal malpractice policy. Contact your broker/carrier and ask them for an interpretation of the coverage.  Make sure the change to OC won’t affect the retirement tail coverage. OR if it does you know and are ok with any change.  Who knows, maybe it won’t change but then again maybe it will.  Better safe than sorry.

Real-life Cyber Claim Examples: The Importance of Cyber Insurance

It seems as though everyone likes to hear a good war story and it is no different when it comes to cyber claims. Besides price, it may be the most asked question I hear – What kind of claims are being filed? Can you give me an example of a claim to show that this is real and I should be buying a policy? So, let’s delve into this topic and let me tell you a couple of real-life cyber claim scenarios:

War Story 1: The Case of Accidental Data Loss

A small law firm lost all of their data, including backups, from a shared office space when the IT administrator formatted the hard drive on the office equipment. The firm, which had three lawyers, was operating inside unused space at a larger firm. As part of the arrangement, the smaller firm also used the IT systems of the larger firm.

In an effort to segregate the data of the smaller firm, the larger firm gave them access to their own file server, which was normally used for email only. The server began having issues, so the IT administrator backed up the emails on the server, formatted the hard drive, and reinstalled all the software. Unfortunately, the IT administrator did not remember to backup the data from the smaller firm before formatting the hard drive.

The firm suffered an interruption of operations as a result and incurred significant expense to recover the data manually. In this case, the damages and loss are as follows:

  • Data Restoration Expense: $23,000
  • Loss of Billable Hours: $8,900

War Story 2: The Case of Accidental Data Breach

A law firm handling Qui Tam cases suffered an accidental data breach resulting in legal liability and disciplinary proceedings for alleged ethical violations. The firm used a cloud storage service for all firm data. The cloud storage provider offered two tiers of service to clients, free and premium.

Data in the “free” storage service is searchable and can be downloaded by other customers. The firm neglected to pay their renewal fees for the “premium” service, so the firm’s account reverted to the “free” service and all of the firm’s data was searchable and available online for several months. During that time, numerous parties downloaded the details of a sensitive whistleblower case.

As a result, the firm faced a lawsuit from the former client in the whistleblower case as well as a disciplinary proceeding. Several other suits from other current and former clients are also pending. In this case, the damages and loss are as follows:

  • Notification Expense: $27,000
  • Defense Expense: $305,000
  • Damages: $2,150,000
  • Fines & Penalties: $120,000

Note: pending suits from other clients are not included in loss amounts listed above.

These examples illustrate the real-life implications of not having a robust cyber policy. In today’s digital age, where data breaches and cyber attacks are becoming more common, having a comprehensive cyber insurance policy is not a luxury, but a necessity. It’s time to take a proactive approach to protect your firm and clients from potential cyber threats.

Maximizing Your Cyber Insurance: Understanding the Full Range of Protection

Most of the calls I receive about cyber insurance are for Fraudulent Funds Transfer.  This seems to be what the caller is most interested in and for good reason especially if your profession is in the area of law, real estate, or title/escrow work.  However the cyber policy is much more than just fraud transfer coverage.

The policies are usually what I consider a program or a suite of coverages made up of first and third party benefits and a strong risk management team.  Several of the carriers that write cyber insurance will perform or run an analysis of your website/online presence and identify weakness that exists and exposures that may lead to a cyber attack or event.  The carrier prepares a report that will not only identify the weakness but will also offer suggestions on how to correct or eliminate the exposure.  They also will rank or compare your cyber situation and scan results to other companies of similar size and industry. Allowing you to see if you’re keeping up with others in your industry in keeping your business, your clients and your customers safe from cyber attacks.

Other benefits provided by most cyber policies include: Notification costs.  Did you know that the government requires you to notify your customers in the event you have a cyber attack and personal/confidential data is compromised?  Think of how many files you have.  It won’t be cheap to notify and complete this task.  Ransomware.  Think you’ll never become a victim of this because your office is too small, and you don’t have or keep large amounts of personal confidential information? Think again.  Everyone is a target for this type of claim.  A hacker breaks into your computer system and stops your ability to use it or shuts down the entire system unless you pay XX amount of dollars.  How long can your office run with no access to your computer system?  

Fraudulent transfer of funds, risk management team services, strong claims team, notification costs and Ransomware coverage only scratches the surface of what coverages/benefits are provided in most cyber policies.  Although you may only have interest in one or two of these you need to be aware of all the coverages available to you in your cyber policy.  Rarely in a cyber claim is only one benefit/coverage part triggered.  Usually several parts come into play.  Don’t short yourself by not knowing all of the coverages and assistance that is available to you under your policy.  Read it and call your broker, and or the risk management team of the program with your questions.

Are You Taking Advantage of the Ancillary Benefits That Come With Your Malpractice Insurance Program?

I’m always surprised at the number of people who don’t take full advantage of the ancillary benefits that come with malpractice insurance programs. I know that most of the carrier programs we market have several useful benefits outside of the policy that can help a firm.

Items like: online risk management classes, some of which are eligible for free CE and possible premium discounts, samples of engagement, disengagement, and non engagement letters, as well as suggestions on how to implement a conflict of interest system.

You can also find examples of how to implement a dual calendar system and comments on the latest programs available in the marketplace for calendaring, client intake, and billing. Not all outside the policy benefits have everything we mentioned, but they do have some combination.

Keeping Your Documents Secure and Accessible

As an agency, we’ve developed a client portal with 256-bit encryption for your security. Current clients can use this portal to gain access to the previous applications you’ve submitted to us as well as your past and current legal malpractice insurance policies.

I get calls, some urgent, from insureds asking if I can resend the policy as they cannot locate it in their office. Imagine how convenient it would be if you could just go to the client portal and see all the information you needed online!

So if you’re one of the insureds that are using the additional benefits available to you from your legal malpractice insurance program, good for you. It can and will make your law practice better and maybe even reduce the chances of being sued. If you’re not, I would encourage you to at least take a look at what is available; you might be surprised. Oh, and did I tell you it is usually free?

Does a Legal Malpractice Policy Cover a Cyberattack, Data Breach or Wire Transfer Fraud Claim?

At INf, we just finished recognizing the month of October as Cybersecurity Awareness Month. I hope you enjoyed the few educational videos that we were able to send your way.

Since then, a few of our clients have asked me to talk a little bit about whether a legal malpractice policy would cover a claim that was based on a cyberattack, data breach, or wire transfer fraud. So as a bonus to our October series, we’ll go over a few of these issues.

Cyberattack and Data Breach Claims

Let’s take a look at the cyberattack and data breach issues. My answer is going to be a pretty typical insurance answer in this situation—maybe. It might be covered based on the claim circumstances. My best guess is that if you submit a legal malpractice claim based on a cyberattack or data breach, it will trigger the coverage.

The carrier will review the claim issues and decide which issues are going to be covered and which issues are not going to be covered. I would believe that those issues that are typically considered legal malpractice issues are going to be covered, and those issues that are strictly considered cyber issues will not be covered. Now, your policy may have certain language that will provide a very limited amount and scope of coverage for some cyber events. So you might be able to glean a little bit of coverage out of your legal malpractice policy in that event.

Wire Transfer Fraud Claims

On the other issue of wire transfer fraud, my answer is going to be a little bit different. I don’t believe that most legal malpractice claims or most legal malpractice carriers are going to cover claims for wire transfer fraud. Most of the carriers and carrier personnel that I have spoken to believe that wire transfer fraud is theft. And a legal malpractice policy is not theft protection.

Perhaps a fidelity bond, maybe crime coverage, or a standalone cyber liability policy would be the better policy from which your coverage would come. Some legal malpractice policies even specifically exclude theft, wire transfer fraud, and bank transfer fraud.

Consider a Cyber Liability Policy

If you’re looking for coverage to replace the physical funds that are lost from a wire transfer fraud, my suggestion to you is to not depend on your legal malpractice policy to do so. I think you’ll be very disappointed. Which brings me to my last and final point: you need to seriously consider the purchase of a standalone cyber liability policy. It’s going to protect you against a host of exposures, like cyberattacks, data breaches, ransomware, phishing schemes, and so much more.

So if you really want to protect yourself, the office, and your client, the purchase of a cyber liability policy is the way to go.

These policies help protect you from the threat of hackers, data dumps, stolen passwords, ransomware attacks and more.  

It takes less than 5 minutes to fill out the application for this insurance.  Contact INF to get started at 412.563.2106.

Be prepared against cyber attacks

In the past 4 weeks, we have covered multiple cyber security exposures that are common to law firms, including:

We have also covered how to minimize the risk associated with them.

However, they all have one thing in common…a human element, which is almost impossible to safeguard 100%.  About half of all data breaches happen due to some type of human error.

This is why we recommend purchasing cyber liability insurance.

Cyber liability insurance provides a combination of coverage options and services to help protect businesses against data breaches and other cyber events as well as help to recover quickly if an attack does take place.

This insurance can help cover the costs associated with an attack or breach, such as:

  • Lost income due to cyber event
  • Customer notification 
  • Data recovery
  • Damaged computer repair
  • And more!

Law firms use multiple types of technology that face cyber risk.  As this tech becomes more complex, so does the risk that comes with it.  This is why every business should be prepared with a cyber security plan/training as well as cyber liability insurance to help mitigate the risk.

Let INF help place you with the best cyber liability carrier for your firm’s needs.  To get started, give us a call at 412.563.2106 today.