Search for:
News Categories
Request Certificate
Click Here

Contact Us
Click Here

Request a FREE Quote
Click Here

Risk Management
Click Here
Testimonials

“My firm has been doing business with Professional Underwriters, Inc. since the 1970’s. Initially we purchased only professional liability insurance, but eventually we switched all of our lines of insurance to them. There was one year that we switched our professional liability insurance to anot…

Kenneth ShapiroPresidentConsulting Engineering Associates, Inc.

Read more here...

PUI Agency specializes in serving the design / architectural industry. Cindy King, as Vice President of PUI Agency of Colorado, Inc., has been an invaluable resource to our firm. We have used the PUI Agency for almost twenty years, and have had the pleasure of working with Cindy King since 2003. …

Owen LeslieAcquilano Leslie, Inc.

Read more here...

“Professional Underwriters, Inc. has been a valued broker client representing architects and engineers for professional liability coverage for over twenty years. Bob Coleman and his staff throughout the country are knowledgeable as to this industry segment. They are members of the ProNet broker ne…

Duane Repko, Senior Vice PresidentVictor O. Schinnerer & Company, Inc.

Read more here...

“I have been doing business with Professional Underwriters for 35 years (starting with the firm I worked at, and continuing at my Engineering firm). Jeff Gerrick has consistently provided excellent advice regarding my Professional Liability and General Liability Insurance needs, and I trust his hone…

Peter KunkaP.E., PresidentKunka Engineering, Inc

Read more here...

Over the last 7+ years, we have worked with PUI of Colorado and Cindy. We have had nothing but prompt and phenomenal service from the PUI team.

Melissa KisickiThree Sixty Engineering, Inc.

Read more here...

“Professional Underwriters has been providing our insurance needs since 1983. During that time we have trusted them to provide our firm with sound advice and consultation relating to our professional liability and commercial insurance needs. Their knowledge and experience is very valuable in revie…

Terry Broemer, PresidentJohnson & Anderson, Inc

Read more here...

My firm has used PUI for over 15 years. Every year we get solicitations by other companies to switch, but I always come back to PUI because of the service they provide. Cindy King is always available by phone; has thoughtful advice for me; and gives me options for insurance carriers. I look forwa…

John GalambosGalambos Architecture, Inc.

Read more here...

Gallun Snow has been with PUI Agency of Colorado since 2005. All of our business insurance needs are managed and renewed yearly under the guidance of PUI. We have found our relationship to be advantageous and are extremely pleased with the direction we have received over the years. The service provi…

Danielle BellGallun Snow Associates, Inc.

Read more here...

“I wanted to take an opportunity to thank you and all of the staff at Professional Underwriters, Inc. for the dedication and service Fishbeck, Thompson, Carr & Huber, Inc. (FTCH) has received over the 15 years that our firms have been working together. Insurance is one of the most important elements…

James A. SusanPrincipal/President Fishbeck, Thompson, Carr & Huber, Inc.

Read more here...

“I have worked with PUI for almost 10 years, and have always been impressed with their knowledge of the exposures that architecture and engineering firms face and the tenacity with which they represent their clients in the insurance marketplace. Through my experience in working with insurance agen…

Truitt Taylor, RPLU, MBACRC Insurance Services, Inc.

Read more here...

15.03.2021

Cyber Security for Employees Working From Home

Cyber security for Employees Working From Home

Cyber Security | Program Development

Due to work-life balance or other business considerations, more employees are working from home more than ever before. While remote work may offer benefits to both the employee and employer, there are potential cyber security risks when employees work from locations outside of the office. To help minimize these risks, consider these precautions:

Employer
Use a Virtual Private Network (VPN), not Remote Desktop Protocol (RDP).
The use of a VPN is a fundamental safeguard when users access the company’s network via their home Wi-Fi.A VPN allows for encryption of data, which adds a level of protection for information such as passwords, credit card numbers and other sensitive or private information. A VPN can also provide a level of anonymity through capabilities such as masking of location data, website history and IP addresses.
Employers should avoid using the RDP on their network. RDP may be an expedient option, but it is not a secure solution.

Implement Multifactor Authentication (MFA).
The basic principle of MFA is that an authorized user must provide more than one method of validating their identity. Even if a cyber attacker has obtained a user ID and password, MFA decreases the risk that an attacker can gain access by requiring an additional means of validation. Commonly, the factors correlate to something you have (e.g., an authenticator app on a smartphone), something you are (e.g., a fingerprint) or something you know (e.g., a PIN). For more information on the best way to implement MFA at your company, reach out to your technology staff and/or managed service provider.

Ensure remote work practices comply with internal and external policies, laws and regulations.
It is important for companies to understand their regulatory environment and ensure that remote work maintains compliance. It is possible that some roles within a company will not be suited to remote work, in which case companies should be clear with staff about remote work expectations and permissibility. For example, some teleconferencing software may not be HIPAA compliant for use by a medical provider because the software does not encrypt personal health information (PHI). Identify and address risks with storing business information in personal cloud storage or printing on home printers, etc.
Ensure systems, software, technologies and devices are updated with the latest security patches.
Employers should track the equipment to be used in a home environment and provide a means of updating software security patches. The National Institute for Standards and Technology (NIST) provides a National Vulnerability Database that offers information on vulnerabilities from many vendors. For more information about patch management and best practices to consider, reference the NIST Guide to Enterprise Patch Management Technologies.

Employees
Prevent unauthorized users on company resources (e.g., laptops, mobile devices).
Employees should not allow anyone to access company resources, including family members. Whenever possible, use a private location if you are on a call or in a meeting that involves sensitive information, such as anything HIPAA-related.
Use only company-authorized devices for remote work.
Personal devices may not have the same level of security and privacy protections as company devices. If your company has a “Bring Your Own Device” policy, be sure that your use of a personal device is in accordance with that policy. This includes home printers and personal email accounts. It may seem convenient to print work documents on your home printer or send emails to your personal device, but these actions may put your company at risk and violate company policies. Be aware of “shortcuts,” such as taking photos of company documents with your personal phone as an alternative to scanning them, as these shortcuts may introduce privacy and security risks.
Dispose of company documents properly.
Review your company’s records retention and management policies, as well as information management policies, to ensure compliance. If you must dispose of hard copies of company documents, either shred them or securely retain them for proper disposal when you return to the office. Protect physical documents that must be retained as best you can.
For more cyber security best practices while working remotely, see the NIST publication Guide to Enterprise Telework, Remote Access and Bring Your Own Device (BYOD) Security.

Related Resources
Cyber Risk Pressure Test
Cyber Security Management – Getting Started
Cyber Risk Management Self-Evaluation

Please contact your Professional Underwriters, Inc. agent for a quote or email us for a quote at here.

The information provided in this document is intended for use as a guideline and is not intended as, nor does it constitute, legal or professional advice. Travelers does not warrant that adherence to, or compliance with, any recommendations, best practices, checklists, or guidelines will result in a particular outcome. In no event will Travelers, or any of its subsidiaries or affiliates, be liable in tort or in contract to anyone who has access to or uses this information for any purpose. Travelers does not warrant that the information in this document constitutes a complete and finite list of each and every item or procedure related to the topics or issues referenced herein. Furthermore, federal, state, provincial, municipal or local laws, regulations, standards or codes, as is applicable, may change from time to time and the user should always refer to the most current requirements. This material does not amend, or otherwise affect, the provisions or coverages of any insurance policy or bond issued by Travelers, nor is it a representation that coverage does or does not exist for any particular claim or loss under any such policy or bond. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy or bond provisions, and any applicable law.