Every day you read about hacking scams, large and small, which infiltrate corporate and banking web servers and networks. Whether it’s a foreign hostile country or scammers trying to gain access to information or money we all know that we’re under constant threat. What we may not know is that if someone outside your New York company or even inside your company wipes out your bank account, your New York crime insurance program may not respond sufficiently, and your bank may not have the legal liability to restore those funds.
Small businesses that may lack sophisticated network security may be the most at risk. At a bare minimum your network should have a fire wall which is kept up to date with security patches. Educating employees and continuing to inform them of the risks of clicking through to links on emails is also a critical first defense. Hackers and spammers are becoming increasingly creative in email phishing and spoofing scams with emails that actually look like emails from Fed Ex, DHL, Chase, the IRS, or other large institutions, so precautions are always necessary.
If your company performs wire transfers online you should insist on multiple individuals in your company to approve every online transaction over a certain limit and multi-factor authentication to force your bank to confirming legit transactions. Multi-factor means email, and phone authentication or the use of security tokens or short term password validation. You may also want to consider capping the total cash transactions permitted (i.e. your normal payroll transaction) in any one transfer to prevent being wiped out entirely in one transaction.
I’ve read that the most foolproof security measure to prevent your company’s online banking from getting hacked is to us one computer solely for your online banking transactions. That computer is never to be used for online web browsing or for email, that way there is no conceivable method for hackers to take over that computer’s actions or keystrokes.
Monitoring your cash balances daily is also critically important; to catch a illegal withdrawal, and as with preventing all forms of employee crime basic check and balance procedures should be maintained.
Preventing a loss from occurring is always your best strategy, but should a hacker capture your banking password, or gain access to your bank accounts, having the right crime insurance coverage is also necessary.
Many business policies or packages include limits for some crime insurance coverage such as employee dishonesty, and money & securities. But they may not cover the exposure of Funds Transfer Fraud which is frauds occurring outside your premises, in other words hackers gaining access from their computers to your bank account. In many cases a separate crime insurance policy may be needed to obtain this specialized coverage and at the limit you may need. Speaking of limits, it’s important to review the limits of all the crime insurance coverage you may have. Common employee dishonesty limits are $10,000 or $25,000 which may be totally insufficient to your business. Obtaining and maintaining proper limits will assure coverage in the event you are hit.
Now, the other part of crime insurance coverage and your bank accounts is theft that occurs from within your premises. The common exposure here is that an unauthorized employee obtains the key or password to your online banking system and accesses your accounts to perform wire transfers or withdrawals.
Obviously keeping passwords secure, changing them often, and not writing them down and sticking them under your desk blotter are crucial! But also important is the right insurance coverage for this exposure. The Crime insurance policy also has a coverage known as Computer Fraud, which covers frauds that originate in your premises. The typical Commercial Crime Insurance policy will have 8 to 10 coverage parts to it, depending on the insurer and we recommend careful examination of the form to make sure you maximize your coverage on it. As mentioned earlier, having sufficient limits to protect your exposure in the worst case scenario is important, but also important are controls to prevent losses from ever occurring.
For more information about New York Crime Insurance and how we can help you educate your employees and control employee dishonesty, please contact us!