Posted on

Emergency Response Tips

Emergency Response: Tips to keep you safe

The shooting at Santa Fe High School in Texas, the 101st mass shooting in 2018 is just the most recent in a long, alarming, and troubling trend in our country. While the horror of such acts is almost unfathomable, it is critical for any organization, business, church or school to be mindful of them, identify potential threats within your own walls, and prepare for "worst case scenarios".

It is absolutely necessary for organizations to take steps to protect the individuals within that organization. There are a number of ways to do that:

Develop an Emergency Action Plan (EAP)

Develop an Emergency Action Plan (EAP). Implement the plan. Stick to the plan. This Emergency Action Plan should include:

  • Perform risk analysis and assessments of your operation
  • A preferred method for reporting emergencies
  • An evacuation policy and procedure
  • Emergency escape procedures and route assignments (i.e., floor plans, safe areas)
  • Contact information for and responsibilities of individuals to be contacted under the EAP
  • Information concerning local area hospitals (i.e., name, telephone number, and distance from your location)
  • An emergency notification system to alert various parties of an emergency including:

    –Individuals at remote locations within premises
    –Local law enforcement
    –Local area hospitals

Train employees, parishioners, and volunteers

Train employees, parishioners, and volunteers on the Emergency Action Plan and response procedures.

Do not be afraid

Do not be afraid to report suspicious or concerning behavior to authorities.

Be alert to individuals who display “red flags”

Be alert to individuals who display “red flags” such as drug abuse, mental instability, behavioral trends such as insubordination, a fixation with weapons or violence, post negative or threatening material on social media, et cetera.

Talk to employees

TALK to employees, parishioners, and children, and LISTEN to what they have to say.

The risk management tips above will not eliminate the possibility of tragedy, but they can help reduce the severity.

Take time to review your Emergency Response plan and be diligent about maintaining and training. Doing so may save lives.

Active Shooter Response PDF
Information is from The National Alliance for Insurance Education & Research, SafeChrch.com, and Homeland Security's Active Shooter Response Policy. 
Posted on

Preparing For The Unexpected

2018 is proving to be a challenge in terms of unexpected events. From weather to workplace violence, the constant is almost daily unexpected occurrences. In light of this new normal, a question arises. How can we prepare for these UFO’s (Unforeseen Occurrences)?

An important exercise is determining whether these things are truly unforeseen. The weather is a great example. Looking over the past 12-18 months of weather patterns we can make some assumptions. We can even look back over years to see what at the time appeared to be unforeseen weather events. For example, how many times has it snowed on baseball’s opening day? Enough to know it could happen again.

Being prepared for what might happen allows us to effectively deal with it when it does. It’s why we buy car and homeowner’s insurance; it’s why companies maintain liability insurance. We’re hoping nothing happens but want to be prepared just in case. Preparation goes beyond maintaining insurance policies, however.

Establishing an emergency plan takes the panic out of the moment. Knowing we have a strategy to deal with situations as they arise allows us to continue to focus on what matters, while knowing we can handle anything.

The added benefit of a plan is that it creates an expansive mindset. We can’t possibly think of every potential situation. When we have a plan for the things we can think of, we are more prepared for the things we couldn’t even imagine.

Preparation keeps us in control even in the most stressful situations. It is that control that safeguards the continuity of our operations. Consider these steps when creating your UFO Preparation Strategy:

1. List previous UFO’s your company has experienced. At the time you weren’t expecting them. Now that they’ve happened you can plan accordingly.

2. Take a look at what is happening in the world. Identify those things that could happen to your business. An example is cyber attacks.

3. Develop a strategy anyone can quickly implement in the event of a UFO.

a. You may need to create more than one plan depending on what you want to be prepared for.

b. Weather plans are different from workplace violence plans.

c. Power outage plans will have some of the same elements of a weather plan.

4. Document and train. Put each plan in writing, share it with everyone, and make sure there is ongoing training around the plans.

Preparation includes believing things could happen, creating a strategy to deal with the unexpected, and consistently reviewing strategies. Hopefully you never need these plans. Knowing they exist will provide peach of mind and freedom from concern. Engaging in this exercise increases the strength and sustainability of any organization.

Posted on

Gone Phishing

Phishing, emails baiting recipients to click a link allowing for corruption of data, virus intrusion, or ransomware, is the most used method of cyber attacks today. It comes in all different forms: emails masked as a purchase receipt from an online retailer like Amazon, a bill from a vendor, etc.

The most recent epidemic has been labeled as "Social Engineering Fraud" which is fraud that occurs when an employee is intentionally misled into sending money or diverting a payment based on fraudulent information that is provided to them in written or verbal communication such as an email, fax, letter or even a phone call.

Over 100,000 people are affected by social engineering attacks each day with 43% of attacks focusing on small business according to Symantec Internet Security Threat Report and Hillard Heintze The Front Line Report.

We have seen two scenarios in the past few weeks where an employee of a company received an email appearing to be from the President, CEO or CFO requesting a wire transfer. Only after closer investigation and verbal communication were the emails determined to be fraudulent. Our agency has even been victims of this form of Cyberattack.

Awareness by your staff of these types of threats is critical to cybersecurity and may be your best line of defense. No employee should click email links without being certain of their validity. The best risk management protection for Social Engineering Fraud is in-person or verbal confirmation of any money transfer request, no matter the amount.

Learn More
Posted on

Guarding Against A Digital Invasion

Think about all of the information you gather from parishioners, visitors, employees, and vendors. Most, if not all, of that information probably resides on computers and in the cloud. Personal, payment, and private data is being gathered and utilized on a daily basis.

Keeping this data secure is essential. We never want to think that are world could be compromised, even when we hear about it happening to other organizations. One thing that has become clear is the necessity of looking at things from a different viewpoint. Identifying potential hazards and loopholes only helps us stay safe.

Some things to consider are: password strength, staff education, limited access, and monitoring.

Password strength
The stronger the password, the more secure the data. Many people select a password that is easy to remember. If it’s easy for you to remember, it’s easy for a criminal to figure out. You can, however, create a password that is both easy to remember and hard to discover. Morgan Wright, a security expert, teaches a fail proof system for password creation. In effect it is – select a 4 or 5 word sentence. For example, My house is blue. Using the first two letters of each word, create a password where the first letter is capitalized and the second is lower case. Begin the password with a hashtag and the number of words in the sentence. Using My house is blue, my password would be #4MyHoIsBl. You can customize the password for the site you are logging into. If I was logging into Facebook I would add Fa to the end of the password, so it now would be #4MyHoIsBlFa. Relatively simple but very secure.

Staff education
Let’s not assume that everyone using our computers and payment systems is aware of the potential dangers. Consistently educating the staff on security and safety precautions keeps the topic at the forefront. It’s easy to relax and forget the potential dangers lurking just outside our screen. Maintaining a system of continuous education will remind everyone why certain securities are in place.

Limited access
At the same time, limiting who has the ability to access the data and systems will limit the potential for something to go wrong. It’s not about trust. It’s about security. Thinking through who really needs to be able to sign in, see data, pull payments, will help you identify where a weak link exists.

Monitoring
Monitoring is an essential aspect of data security. Things change rapidly in the technology space. And cyber-criminals are consistently finding new and interesting ways to invade your systems. It is a prudent policy to establish scheduled monitoring processes that are either conducted internally or outsourced to a managed services company.

Your parishioners are assuming their data is secure when they give it to you. Donors, parishioners, and contributors are assuming your payment system is PCI compliant. Assumptions are dangerous and provide an opportunity for you to ensure they are valid. Being proactive keeps you and your congregation focused on the things that matter. And chances are good you have at least one person in your congregation who has cyber security expertise. Seek them out. Knowing your data is secure will give you peace of mind, something that is priceless.

Learn More
Posted on

The Drug Test Dilemma

In states where marijuana is now legal, companies are faced with an interesting dilemma. According to a recent Insurance Journal article titled, “Why Companies Are Relaxing Employee Drug Testing”, drug testing “restricts the job pool, and in the current tight labor market, that’s having an impact on productivity & growth”.

Many companies in states where marijuana is legal have decided to limit drug testing to jobs with safety concerns. This change in attitude and policy as it relates to drug use has its advantages. The ability to expand the candidate pool allows these companies to hire the people they need to meet production demands.

This change comes with its fair share of risks, as well. Workplace safety and productivity are potential issues to consider before eliminating drug testing. As more and more states elect to legalize medical and recreational marijuana, companies will need to evaluate their current policies and procedures, ensuring they are current and clearly outline the company’s expectations. Doing so can help to eliminate any potential discrimination lawsuits.

It is also important to discuss drug testing policies with your attorney and insurance agent prior to implementation. Contact Insurance Systems Group for more information.

 

Posted on

How Technology Is Impacting The Construction Industry

An occupational hazard of any segment of the construction industry is safety. From injuries to fatalities, construction sites can be costly. When accidents occur, work is slowed, fewer workers are available, and overall morale can be compromised. Added to this is insurance and worker’s compensation costs. It can become challenging to keep costs down while keeping employees safe.

New technologies have emerged to help improve onsite safety and ultimately reduce cost. Peter Schermerhorn in his article, New Construction Technology Is An Insurance Game Changer, explains that the use of wearables, sensors, and drones allows site managers to identify potential issues before a problem occurs. This can also improve insurance underwriting and understanding of how a work site operates.

Unlike other industries, advances in technology have not had the same impact on eliminating the workforce. Rather, it has enhanced the employee experience. Being able to identify and avoid potential safety issues provides a security that also impacts morale. Moreover, it can increase employee retention.

Given the choice of staying with a company that is proactive about safety, or moving to a company that hasn’t invested in technology resources, most people would stay where they are. This is especially important in today’s market where the workforce is aging, and bringing in young skilled workers is challenging.

An investment in technology can pay for itself many times over with increased retention, decreased accidents, and greater attendance.

Contact Insurance Systems Group for more information.

 

Posted on

Keeping Your Business Safe In Cyberspace

How often do you think about keeping your business safe in Cyberspace? From malware to ransomware to hacking, security has taken on a whole new meaning. Being connected to the internet provides a door for cyber-criminals to walk right through. Businesses large and small are experiencing costly attacks every day. 

So, what can you do to secure your company? Start by realizing how criminals get in, and then create a plan to bar the door.

There are a couple of paths into any business’s data – email, cellphone, and firewall. When you have your IT company review your systems there are things you can implement to create barriers. Tight restrictions on what can penetrate your firewall is a start. Blocking suspicious emails is another, and having a robust antivirus program is critical.

The truth is that even with all of these systems in place, you can still be vulnerable. Any business with people in it is at risk no matter how tight their controls. Your employees aren’t intentionally putting the company at risk. They just don’t really understand the danger of some of their actions.

One of the most effective deterrents to cybercrime is knowledge. Create a process for consistently communicating with your staff about specific things they should be doing to stay safe. Remind them to check with a sender before opening an attachment. Did they really send it or is it a clever ruse? Educate your staff on common concerns. For example, if they hover over a link inside an email they can see where it really goes. Inform them of the extensions they should avoid. There are people who specialize in cybercrime prevention. Invite them in to have a talk with the staff. The better educated people are, not only of the risks but of what they can do to avoid trouble, the safer your company will be.

It might be helpful to set a google alert for ‘cybersecurity’ or ‘cybercrime’ so you are notified whenever a story is posted. That way you can stay current on what is actually happening in the business world. Sharing this timely information with your team will allow them to work with you on security.

Being proactive is, in itself, a deterrent. Get educated, share the education, and keep talking about the dos and don’ts. This is how you empower your own army against invasion.

Contact Insurance Systems Group for a policy review today.

Posted on

Protection From The Storm

Winter is upon us and it doesn’t seem like any part of the United States is being spared rough weather. Churches in the North are most likely prepared to deal with the dangers of bad weather. For all of the churches that usually don’t experience snow, sleet, or hail, there are some things to consider to keep people safe, and your liability in check.

Act like a visitor. Travel to your church as if you aren’t there all the time. Seeing the approach from someone else’s viewpoint can help you see potential dangers. How clear and clean is the parking lot? This includes how solid the surface. Are the walkways clear? Are there low hanging branches or wires?

What about the steps? Is there a handrail? If there are floor runners are they secured? One of the most dangerous things is a loose rug corner. Is the floor dry? How’s the foundation looking?

Now think about things you can do to safeguard your parishioners and visitors. There are the standard ideas like shoveling, putting down rock salt, and mopping up wet floors. You can further improve the experience of attending services in inclement weather by offering things like walkers or parking assistants. Walkers are people who help someone walk through the parking lot and into the church. Parking assistants can park cars for people attending services.

Asking church members to participate as helpers provides a double benefit. It enhances the fellowship of the congregation while providing a helping hand to those in need.

Learn more about our church programs
Posted on

Cornerstone of Hope Gala

Dan, Mike Sr., and Mike Jr. attended the 15th Annual Cornerstone of Hope Gala in Independence, Ohio.  

Cornerstone of Hope is dedicated to providing support, education, and hope for grieving families.  Guided by Christian values of compassion and service, Cornerstone offers free counseling, therapy, support groups, camps, education and resources to anyone dealing with loss and seeking support.

Learn more about Cornerstone of Hope
Posted on

Risk Management Is Everyone’s Business

Risk Management is everyone’s business, and all companies have a variety of risks. From physical location issues to hacked data and even employee conduct, there are a lot of things to monitor. And it doesn’t matter how big or small a business is. Having said that, companies with physical offices or stores have risks that online businesses don’t.

If you have no employees you’ve eliminated one risk area. But, don’t kid yourself. It doesn’t mean your business is in the clear. You most likely have resources to help you achieve your goals. They, too, can put you at risk.

In order to protect your business, it’s helpful to start with a ‘what if’ exercise. First inventory all of your assets. This includes, but is not limited to: technology, people, brick and mortar location, contractors, and vendors.

For each asset, ask yourself what could happen. ‘What if’ someone falls in the parking lot? ‘What if’ our payroll company is hacked and our records are compromised? Get creative with your ‘what if’ scenarios.

When you think you’ve considered all possibilities, pull your staff into the conversation. They may think of things you didn’t. Once you have your list, start creating strategies to diminish those risks. Get everyone involved in the protection process. After all, it should be just as important to them as it is to you. Build awareness, create strategies, and implement consistently. When everyone understands the value of risk management, they will make it their business.

Contact Insurance Systems Group to schedule a time to discuss the risks associated with your business, and to make sure you have the protection you need.