COVID-19 has brought up a lot of concern regarding cyber risks, especially with many employees being required to work-from-home. Separately, some industries cannot transition to a work-from-home environment, and those employers are struggling with the logistics to continue operating and also the lack of business caused by this pandemic. Due to these challenges employers are facing, many have to reduce hours, implement furloughs, or lay off employees. Every employer is grappling with how to stay afloat while not having access to the tools and resources they are used to having.
Because of the prevalence of employees working from home and also the potential for significant changes in employment status for many employees, we are putting forth an article to focus on ways to handle these scenarios while also touching on the resulting insurance implications. We are not technology providers or attorneys, but our goal is to encourage employers to think about how they are protecting networks with employees working from home while also considering what may happen in the event of a change in the employment status to a segment of an employer’s workforce.
If your employees can work from home, we have included suggestions below for businesses and individuals to protect themselves from cyber incidents and data breaches. Cyber Liability Insurance policies can provide coverage for breaches whether employees are working from home or at an office. Also, Cyber Liability Insurance policies offer resources to policyholders, including training for employees, network/ system scans, and Incident Response Planning Guide support amongst other offerings. For employers considering hour reductions, furloughs, or layoffs, it is crucial to understand what Employment Practices Liability Insurance covers, the resources available, and how to access this insurance during this difficult time.
First, let’s start with Cyber.
It is in all of our best interests as businesses to be protected from cyber-related risks, especially while employees work from home. For that to happen, we’ve listed some ways for companies and employees to increase security measures while maintaining a platform for productivity and collaboration. These tips are not all-encompassing but provide some big-picture ideas.
Employers should have a secure way for employees to access systems from home, which usually entails a Virtual Private Network (VPN).
- Recommendations for employers and IT teams
- Require two-factor authentication when possible
- Engage in regular security updates and patches
- Back-up systems, back-up data and test access to back-ups regularly
- Secure Remote Services or Remote Desktop Protocol (let us know if you have questions on this one)
- Cybercriminals will try to turn the crisis to their advantage
- Advise employees to be wary of everything they click on
- Phishing emails will be even more prevalent, especially those presenting health safety measures related to the coronavirus outbreak
- If something doesn’t seem right, urge employees to call the sender or recipient to confirm emails and material were intended to be sent
- Recommendations for employees working from home
- Keep computer(s) and other devices in a secure place
- Log out when you are not using the computer or system
- Use strong passwords
- Use two-factor authentication when available
- Download security updates and patches (employees do this on personal devices and IT teams for the corporate network)
- Back up data regularly
- If there is a question about emails requesting credentials and login information (or something doesn’t seem right), contact the IT team, a team leader, or manager to verify the legitimacy
- Access corporate information with a VPN especially if accessing on a public network and/or unsecured public Wi-Fi
- If possible, access company information from home or another remote location using password-protected internet access
- Combine this with password protection to the company’s system and multi-factor access to the VPN
Next, let’s talk about Employment Practices Liability.
It’s critical to know if you have Employment Practices Liability Insurance (EPLI) coverage, especially if you are in a position where you have to lay off employees. You can find this out by checking your policies, calling your insurance broker, or asking your PEO administrator.
Here are a few key items to think about when considering reducing hours, furloughs, and layoffs:
- Contact an employment attorney to review plans
- If you have an Employment Practices Liability Insurance Policy, the policy may provide policyholders with free access to an employment labor attorney firm. Jackson Lewis is a firm listed on many policies depending on the carrier. If this is part of your firm’s EPLI policy, the policy will provide a phone number to call the firm. You should have your EPLI carrier (insurance company name) and policy number available.
- Typical employment practices claims arise from alleged or actual sexual harassment or discrimination.
- In this crisis, allegations of retaliation that result in termination, demotion, or hour reduction or allegations of wrongful termination may be a significant claim driver.
- We recommend speaking with an employment attorney before finalizing employment decisions, if at all possible.
- Verify compliance regarding employer payment rules and regulations. Allegations of not paying overtime can result in Wage and Hour claims. EPLI policies provide varying levels of Wage and Hour defense coverage. Check with your insurance broker about levels of coverage your policy provides.
- Verify compliance with FMLA and its expansion due to the Families First Coronavirus Response Act. Take into consideration other new Emergency Paid Sick Leave mandates.
The unique economic circumstances we find ourselves in will have repercussions that we cannot foresee. The impact will be far-reaching and will apply to Cyber Liability and Employment Practices Liability Insurance, but also Directors & Officers Liability Insurance, Fiduciary Liability Insurance, and Crime Insurance, amongst other lines of coverage.
If you have any of these types of insurance policies, it’s important to know your limit(s) of insurance, retention or deductible, how to submit a claim, and if there are any free or reduced-cost resources, you can access being a policyholder. Your insurance broker CAN and SHOULD help you here. Bankruptcies, layoffs, cyber-crime, and retirement plan fluctuations can be the drivers for claims and increased claims. And in this crisis, they can affect the way insurance companies evaluate risk and provide coverage going forward. If you don’t have these policies, it may be a good time to discuss your exposures to these types of risks and find out what is available in the marketplace. Again, your insurance broker CAN and SHOULD help you. Most importantly, if there are ways that companies can set aside resources to focus on compliance, strengthening corporate balance sheets, and pre-emptive cyber resilience and cyber hygiene implementations, it will likely serve them in this period of uncertainty.
There is no exact timeline for when life will become somewhat normal again, but every employee and employer must use their best practices at this time. We’re in a crisis. Everyone has been affected in one way or another, so businesses must protect themselves from risks that can directly impact them or their employees. We are all in this together, and if there is any way we can help, please let us know.
Please contact your Horton team representative with any questions or concerns for us to serve you better.
Material posted on this website is for informational purposes only and does not constitute a legal opinion or medical advice. Contact your legal representative or medical professional for information specific to your legal or medical needs.