Recent Posts

October 18, 2018
September 17, 2018
September 13, 2018
September 12, 2018
September 5, 2018
August 30, 2018
August 28, 2018

Insights

Cyber Security Series: Password Do's and Don'ts

Posted by Madeline Perkins on April 24, 2018

Cyber_Security_Password_hero.jpg

We’ve all played the password game when logging onto an account we haven’t used in a while. You know that it’s either “Hernandez1992” or “Hernandez2665,” but neither work. You try both again,  but make the “H” lowercase; that fails too. With only a few tries until you’re locked out, you try another set of passwords, the ones using the name of your street. You try “Wood1992,” “Wood2665” . . . The game continues until you either guess the right one or lock yourself out.

When making passwords, we all walk the difficult line between too simple, which enables hackers to violate our accounts, and the reality that we may forget or misplace our password. One of the most common motivations for creating a simple, guessable password is the fear that we have to remember our passwords in our head. Luckily for us, there are an increasing number of creative, secure ways to store passwords. This article considers both how to make our passwords more secure and how to more efficiently keep track of them.

We all understand that it’s important to have safe passwords. Yet because so many online interactions require us to create passwords, it’s easy to become careless and use any phrase that comes to mind. Although we only spend a few seconds to create passwords, hackers obsess over them all the time. Taking an extra minute to create a solid password and record it in a secure place could save you the hours it takes to fix problems caused by someone hacking your account.

Keep in mind the following attributes of strong passwords:

  • Make It Unique: Avoid using passwords that are identical to ones used for other accounts. Keep work and personal passwords separate in case one account gets hacked. Also, shy away from using different iterations of the same word, a sequence of numbers or letters (12345678), a keyboard pattern (qwerty), or a common term (password).
  • Make It Random: Resist the natural impulse to use personal information as the basis of your passwords. Important dates (your birthday) or names (your street, your surname, or your pet’s name) are often easily available and can endanger the security of your passwords.
  • Make It Tricky: Numbers, special characters and capital letters increase the security of a password significantly each time you add one. Although commonly used at the beginning or end of the phrase, they can also be placed in the middle of a password as a replacement for certain letters (Gre@tD@y) or instead of a space between words (Ready%For%It).

For the strongest passwords, ensure your choice is all three—unique, random, and utilizes numbers and special characters. For example, rather than “Letmein!”, which passes most systems’ requirements yet is easily guessed, use a more complex, original idea, like “c0pyMachin3”, “#Di$neyW0rld!”, or “dont*stop*Believing!”

Once you have created your password, you’ll need to store it. If you’re storing passwords on an electronic device, make sure it’s in a protected file. Although experts say not to write down your passwords, if you want to anyway, avoid writing them in the front of notebooks or anywhere visible on your desk. One app that’s convenient and confidential is LastPass, a password storage app that works for individual users or entire companies. There are any number of similar technologies available depending on your needs. And if you insist on storing passwords in the “Notes” app on your phone, make sure you use the “Lock This Note” feature, available in the top right corner.

Hackers play with passwords all day long, so take the extra time to secure your accounts from schemes that could snatch your information, messages, or money.

According to Steven Hines, president of Threat Advice, “Passwords are the gateway to our sensitive information.  Always use different passwords for different applications, and change them frequently.  Perhaps most importantly—use dual authentication whenever possible.”  ThreatAdvice prepares employees to prevent a cyber-attack on your organization. They offer cyber security employee training and risk assessment online to promote awareness and prevention.

 

If you are interested in learning more about cybersecurity education and assessment, contact ThreatAdvice and take advantage of their complimentary 90-day trial.

Strong passwords are just one of many ways to avoid a cyber breach. For more information about cyber liability, contact a Cobbs Allen consultant today.

 


Out of Site: Construction Theft Prevention

Posted by Madeline Perkins on April 17, 2018

construction_equipment_header.jpg

Large vehicles, equipment, handheld tools and building supplies found at construction sites are popular targets for theft. Studies estimate that theft of construction equipment cost businesses around $400 million dollars per year in the United States. Here are a few ways to prevent theft at your work site:

  • Inside Job: Theft doesn’t only occur from people outside of your organization. Perform a background check on all job applicants and make sure to only hire employees you trust.
  • Check It Out: Keep track of what supplies and equipment are at your work site. Designate a specific employee or team of employees to receive, record and label all building supplies and equipment. Keep records of serial numbers, dates of purchase, and models of all equipment. This way, you will have the proper information about items if you do experience a loss.
  • Light It Up: Make sure that the construction area is well-lit, especially during evenings and weekends. Also ensure that your work site has a fence surrounding the entire area and hang “No Trespassing” signs around the fences; these measures help prevent casual crime.
  • Lock It Down: Lock all vehicular equipment and store the keys in a safe location. Also, mark all equipment with the company name, preferably in both an obvious and a hidden spot.
  • Box It In: Secure portable tools and equipment in a locked shed outside of working hours. Consider getting an alarm system for all sheds and trailers on the property.

Despite the best-laid plans, construction site theft can still occur. In preparation for this possibility, make sure that you have recorded the model and serial number of all your equipment. Don’t store construction supplies on the property any longer than necessary. Make it procedure to contact your insurance broker when purchasing or leasing new equipment, and verify your current policy provides adequate coverage. If you have questions regarding coverage, contact a Cobbs Allen risk consultant.


Cyber Security Series: 5 Common Phish Attack Schemes

Posted by Angela Wolfe on April 9, 2018

Cyber_phishing_hero.jpg

Hackers only need you, that’s right just you. They are sneaky and know the general population is busy doesn’t pay close attention to the emails they receive. Hackers know people are comfortable in their daily habits. They exploit this behavior by creating email scenarios designed to encourage a click. They need just one person to click just one time to infect their computer with malware that grants them access to the information they need to launch a more sinister attack.

According to Steven Hines president of Threat Advice, “Phishing attacks are by far the most common cyberattack today, and these attacks continue to get more and more sophisticated.  Gone are the days of the ‘dear sir’ attack-now we have to worry if an email appearing to be directly from a co-worker is actually from them.”

Because hackers are continually changing their tactics, clicking on a nefarious email or link leading to a cyberattack can happen to anyone. Recognizing the threat before it turns into a disaster is just one way we each can be more prepared. The following are five ways hackers are currently trying to access your business and personal information:

  1. Look but Don’t Click – If the email address or the attachment name seems “phishy,” it probably is. Are there spelling or grammatical mistakes? Companies with professional staff are not going to make these types of mistakes.
  2. Analyze the Salutation and Signature Closely – Most legitimate business will use your name rather than a generic greeting like “Dear customer.” The business should provide ways to contact them in the signature. If not provided, it could be a phish attempt.
  3. Know Your Brands – Hackers will spoof your favorite brands and make their emails look enough like the actual brand to fool you. Is the logo color wrong? Are there additional words in the brand name? Did you sign up to receive emails from them? Don’t click any links before you examine the email to confirm the sender.
  4. Urgent or Threating – No one likes a bully. A common phishing technique is to use harassing or threating language in the subject line or email content or to create a sense of urgency to handle a fake problem. Most legitimate banks, utilities/municipalities and businesses will not ask you to provide your private information via email nor threaten you in email.
  5. What grandma said…“If It’s too good to be true, it probably is!” Hackers will continue to send phishing emails promising riches and prosperity if you only send your social security and bank information. Why? Because unfortunately, people still take the bait. 

 

Employees who are cyber-prepared play a vital role in protecting your enterprise. Conversely, employees who do not practice good cyber hygiene create a very vulnerable enterprise security risk. ThreatAdvice prepares employees to prevent a cyber-attack on your organization. They offer cyber security employee training and risk assessment online to promote awareness and prevention. If you are interested in learning more about cybersecurity education and assessment, contact ThreatAdvice and take advantage of their complimentary 90-day trial.

If you would like to learn more about cyber liability insurance and how it protects your business, contact a Cobbs Allen Risk Consultant.


New Hire Orientation 102

Posted by Cory French on April 9, 2018

New_Hire_Orientation_102_hero.png

As a follow-up to my last blog post, New Hire Orientation 101, I thought it would be helpful to discuss an important tool I use during new hire orientations:  onboarding checklists. Unlike traditional orientation, onboarding is an intentional process that takes place before the first day of employment, and using a checklist is a great way to manage all the moving parts that are involved.

There are many ways to approach the onboarding checklist. To determine the best process for your organization, you should consider the organization’s size, frequency of employee turnover, available technology and the number of people that are included in the onboarding process. 

In one of my first management roles, I worked with a company that employed thousands of people across the United States. We used a checklist, sent by our home office, that was printed directly on the front of the new employee’s personnel file folder. This checklist gave us step-by-step instructions for onboarding our employees and building their employee file.

It's been a decade since that first management job, and onboarding processes sure have come a long way. Our checklist at Cobbs Allen is a cloud-based document that is shared with each employee who owns part of the onboarding process. As the HR Coordinator, I oversee this process and provide the checklist to each responsible party.  Our checklist has tasks categorized by department:  HR, IT, administration and finance, hiring department and communications. Each employee notates where their task(s) is in the process or if they are completed.  With one click, I can check the status of each employee’s onboarding and ensure that everything is set up and ready for their first day as well as monitor future onboarding tasks.

Your organization may not have these resources available, or it may fall on you to implement or update this process for your organization.  Here are some things to consider when building your own checklist:

  • Who will be responsible for the onboarding checklist?
  • Where will the checklist live?
  • What format will you use to create the checklist­?
  • What needs to be included on the checklist?

 Whatever process you choose for organizing and executing your onboarding checklist, you should keep two goals in mind. The first goal is for your employee to walk into their new role on day one and be set up for success. You want them to focus on the positive things, like training and building relationships with their coworkers, instead of struggling with things like faulty computer equipment or hunting down usernames and passwords. The second is to maintain the positive traction you have with the new employee. This is where the hiring manager plays a pivotal role. They will continue to use the onboarding checklist to implement trainings, provide performance feedback and make sure they have the toolset to do their job successfully.

 As the employer, you get one opportunity to present a company culture where new hires feel they belong within the organization, feel engaged and affirm they made the right decision to join your team. Using an onboarding checklist makes this process consistent and more effective.

Keeping track of the onboarding process for new hires can be overwhelming for even the most seasoned HR team. If you are not sure where to start or would like to see what is included on a checklist, click here for a sample.

 

Cory French serves as HR Coordinator at Cobbs Allen. She focuses on associate services including benefits and onboarding of new associates. Cory has more than 10 years' experience in the employee management and human resources.


Cobbs Allen Welcomes New Associates

Posted by Madeline Perkins on April 4, 2018

Welcome_Ashley_Melannie_Shannon_x2.png

(Pictured from left to right: Ashley Oden,Melannie Layne, Shannon Smith,Shannon Westmoreland)

 

Cobbs Allen is pleased to welcome four new associates to our team. Ashley Oden, Melannie Layne, and Shannon Smith join our Birmingham office, and Shannon Westmoreland joins our Houston office.

Ashley will be working as an Associate Client Manager in the Premier Business Division. She previously worked at Allstate, where she learned the ropes of personal insurance and received her Property and Casualty license.

Melannie also joins us as an Associate Client Manager in the Premier Business Division. She has previously worked at Chubb for 10 years and Molton Allen Williams/USI for 15 years.

Shannon Smith joins us as a Client Manager in the Premier Business Division. She has five years of industry experience, including work in personal lines and auto insurance claims.

Ashely, Melanie and Shannon and will all work within our Premier Business Division to be clients’ day-to-day contacts. They will also assist with special projects and fulfill client requests.  

Shannon Westmoreland joins as an Account Executive in the National Accounts department. She has over six years of insurance experience. Her specific focus is in servicing Upstream Energy accounts in Houston and London.

 


Cobbs Allen Welcomes New Consultants

Posted by Madeline Perkins on April 2, 2018

 Welcome_John_Pat_etc._Blog_white_lines.png

(Pictured from left to right: John Pat Weinacker, Marshall Bridges, Mike Madden, Steve Hicks)

Cobbs Allen is thrilled to announce the addition of four new consultants to our team—John Pat Weinacker, Marshall Bridges, Mike Madden, and Steve Hicks.

John Pat will be working as a consultant in our employee benefits department. He has six years of experience working in insurance and finance, both at Northwestern Mutual and Lloyd R. Wilson and Associates. He was named one of Birmingham Business Journal’s Rising Stars of Money in 2016.

Marshall joins Cobbs Allen as a risk consultant in our property and casualty division. Although only in his second year of insurance since graduating from college, he has already had two prestigious internships, one in London with Miller and another with Chubb.

Mike has worked in insurance for over 20 years. His previous experience includes work at McGriff Seibels & Williams, Marsh, and USI. He will be working as a risk consultant in our property and casualty division.

Steve comes to Cobbs Allen from working as a lieutenant firefighter and paramedic in the Birmingham area. He served in emergency services for 25 years and has extensive experience in leadership, training and implementation, and expertise in public safety and emergency care. This background gives him a unique perspective on risk analysis and management which he will bring to his job as a risk consultant in our property and casualty division.


March Client Spotlight: Hero Doughnuts

Posted by Caitlin Miley on March 29, 2018

hero_dounughts-blog.png

 

Company Name: Hero Doughnuts

Owners: Wil Drake and Jason Wallis

Location: Birmingham, AL

Years in Business: 2

Industry: Doughnuts, Coffee and Burgers

Website: www.herodoughnuts.com

This month’s client spotlight is the sweetest yet (pun intended). Hero Doughnuts specializes in hand-crafted holed and filled brioche doughnuts. One scroll through their Instagram feed and your sweet tooth will be begging for more.

All dough and glazes are made from scratch in house. Because of the time this takes—three days, to be exact—Hero sometimes sells out of doughnuts for the day, but you can count on them to always be fresh!

Hero Doughnuts also makes soft serve frozen custard and brioche buns in house. The frozen custard is a delicious addition to a doughnut, and I highly recommend ordering a burger served on one of their homemade buns!

Cobbs Allen is proud to have been partners with Hero Doughnuts for the past two years. As their property and casualty broker, we make sure the insurance process is as sweet as their doughnuts!

 

 


This site uses cookies. Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site will not work.