Deep Cover

It used to be, back in the day, if you wanted to ‘surf the web’ at work, you would have to go deep cover, your red face and sweaty palms concealed safely behind the cubicle wall.  Your friends could email you everything from bad Popeye cartoons to porn and no one would be the wiser.

Meanwhile, you are expertly utilizing the duck and weave when you spy your supervisor two aisles over headed your way.  Quickly, your shaky thumb and third finger move to the alt and tab on your keyboard to await your supervisor’s passing glances.  Ah, the lengths we had to go just to access the internet at work.Computer hacker stealing information with laptop

I remember back in the late nineties, my local police department donated used (and supposedly wiped) computer towers to a local child charity.  It was discovered later that the hard drive was not wiped and instead was littered with numerous porn sites.  How embarrassing is that?

Nowadays, the IT department has all sorts of programs and software to monitor what we are doing at our desk. With the invention of ‘metadata’ and the advent of the Federal Rules of Civil Procedure making email discoverable – the racy emails have stopped and no more surfing porn sites at work.

If the ‘at home’ employees try to hook up a printer, IT knows; if my husband emails and says “we need milk” and I try to respond, IT knows; if I plug my phone into the tower to charge it, IT knows.  And, within minutes, someone is standing at my desk or calling my phone.

Additionally, our IT department blocks sites and certain advertising on the internet.  I cannot access LinkedIn, but I can look up the competition anytime I want.  If a customer calls up and wants to insure a Porsche GTR RS – I can look that up too.  I can Google their address and look them up on Verisk with no problems, but, I cannot look them up or correspond with them on their social media accounts.  I do, the computer records my ‘try’ and blocks me.

If an insured sends me inventory lists, photographs, or personal information on a disk, procedure says to have IT look at it first.  So, I am very confused about the recent article from PropertyCasualty360: Survey: 90% of businesses hacked at least once in 2015.  The survey sites employees ‘bringing in their own devices’ as a potential problem.  Are there that many employees willing to risk their jobs and potentially their career on this type of infraction?

The place I see the most volatile – the internet communication between the insured, the agency and the company.  How many agencies download commission statements?  Further, my own company rating/application software allows agents and consumers to upload documents.

There some scary scenarios out there – hackers seeking vulnerabilities; strikes at the password-protected system like a ramrod; email that looks like it’s legit; malware, spyware, or phishing.  It’s endless.

Now, I will tell you that my company’s website was hacked.  It was not a ‘snatch and grab’ type of job, but more or less the hacker posted graffiti on the site to ‘mark it’. And because of that incident, I know we have a wonderful Cyber Insurance policy.

At this point, technology is catching up to the insurance field.  We have plenty of programs out there that will assist the underwriter in reviewing and writing the risk.  As we become more automated that certainly leaves open more possibilities of being hacked.

As I have mentioned before, at the company, there are people assigned to make sure we are locking our computers and hiding our passwords every day.   What type of precautions is your agency taking?

Leave a comment or share an experience.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s