Since the COVID-19 pandemic has made working from home commonplace over the past year and a half, the topic of cybersecurity, particularly in the accounts receivable management (ARM) industry, has generated a lot of buzz.
While data breaches targeting large businesses and institutions may receive the majority of public attention, businesses of all sizes are at risk, says Tim Dressen, ACA communications consultant, in an article for the November / December edition of Collector magazine.
One of the biggest potential vulnerabilities for many collection agencies is the use of outdated technology. Upgrading systems is time consuming and expensive, but using existing systems comes with increased security risks, Dressen reports.
It is essential to make sure that your cyber liability insurance is up to date and that coverage is simple and affordable for ACA members. A cyber liability insurance policy is designed to protect you against loss of income and to cover defense costs that your business might be required to pay as a result of a data breach, ACA International previously reported.
Collectors Insurance Agency (CIA), a subsidiary of the ACA, offers its members exclusive access to risk management products and services tailored to each individual’s specific needs.
While some agencies may have employees returning to the office, there are still quite a few working from home. In the event of a data breach, what should collection agencies do and how can CIA cybersecurity insurance help you?
CIA Sales Director Dereck Tessmer shares his top tips for tackling this problem.
“The exposure of employees working from home or telecommuting is that you are not always aware of the security measures in place,” Tessmer said. “Multi-factor authentication (MFA) is a must if you have remote workers,” Tessmer said. “If there is a data breach, or if a breach is believed to have occurred, you will need to notify all of those people of the breach, as well as provide credit monitoring services. These are often the first expenses our members would incur, and a major benefit of implementing a cyber policy. “
When a policy is in place, you’ll want to contact your carrier as soon as you learn of the violation, Tessmer explained.
“The advantage of having coverage is that carriers know the notification requirements and the steps to follow to stay in compliance with the different requirements of each state,” he said. “The carriers also have relationships with the reporting companies of the credit monitoring companies.”
In addition to useful data breach tips and advice, the CIA has also provided a comprehensive guide from carrier Cyber Risk Aware with tips for avoiding online phishing and internet scams.
The guide cites the top causes of security incidents involving phishing, malware and ransomware downloads, wire fraud, and weak password security, among others.
“We are there for our members. Everything we do is in their best interests and we continually put their needs before ours, ”Tessmer said. “We are not here to sell a policy, but we make sure that the needs of our members are met. “
Debt collection agencies should also consider state and federal laws when deciding whether or not to allow employees to make collection calls from their homes or other remote locations.
The ACA SearchPoint document “Collecting From Home — What Your Agency Should Know” contains general guidelines on compliance while working remotely, and the ACA recommends that members monitor their state licensing department for updates.
Other online resources include a comprehensive library of information, advice and resources from the Cybersecuirty & Infrastructure Secuirty Agency with everything from protection against ransomware, malware and phishing attacks to managing cyberbullying and security on social networking sites.
Contact Sales Manager Dereck Tessmer at firstname.lastname@example.org or (952) 259-4224 for resources and information on CIA cyber liability and executive risk policies.
To receive notifications about ACA content, including member alerts, upcoming events and new products.send ALERTS to 96997.