The 5 People Who Don't Know They Need Business Insurance

1. July 2015 07:47

freelancer working on her laptop at home

When you run your own show, you probably need small business insurance to address your liabilities and protect your work gear. But sometimes, it's hard to tell whether or not the work you do actually qualifies as small-business ownership, especially if it's not your primary source of income.

So what then? If you're having a hard time determining whether your hobby or side gig requires you to carry insurance, this post is for you. Here are the five types of workers who could benefit from their own coverage.

1. Rideshare Drivers

Insurance Journal states about 75 percent of rideshare drivers (i.e., those who offer services for Uber or Lyft) don't have ridesharing insurance. Conventional personal auto insurance policies usually don't cover commercial driving activities, which is what ridesharing technically is.

There is an easy fix: talk to your insurance agent about your ridesharing activities. Insurance companies are currently scrambling to offer rideshare-specific policies, but Commercial Auto Insurance may also help fill the gaps in personal policies.

2. Freelancers

Say you write for a living, mostly think pieces for online publications. You're not beholden to any single publication, and you do a good job of cobbling together enough work to pay your bills. But that doesn't mean you're a small-business owner, right?

In the eyes of the IRS, you are indeed a small business. Any paid freelancing work that generates $400 in revenue is subject to self-employment taxes, but that's not all. If you miss a deadline or give unreasonable advice, your clients can sue you for breaching your contract or claim your negligence caused them financial loss. And the list goes on.

According to a study by Freelancers Union and Elance-oDesk [PDF], you're not alone – 34 percent of the US workforce is made up of freelancers. By and large, most of these 53 million Americans need small business insurance to address the risks they take on by working for themselves.

The kicker? Many of these workers don't realize the risks they have and aren't insured.

3. Moonlighters

Let's say you're a baker – and a good one at that. You create custom desserts for corporate events, bake sales, and special occasions. It's nothing too serious, you tell yourself – just a hobby that happens to make you a little extra money on the side while you work as a full-time employee at a local bakery.

Now riddle us this: are you a small-business owner?

In short, the same rules apply here as they do to freelancers. You are liable for any work you do on your own. Though the bakery you work for probably has insurance to address the mistakes you may make while representing that business, it can't cover your part-time venture.

4. Home-Office Heroes

According to the Small Business Administration [PDF], about 52 percent of all small businesses are home-based. But as the Insurance Information Institute reported several years ago, 60 percent of home-based businesses don't have commercial insurance.

Turns out many at-home business owners may mistakenly think their homeowner's insurance covers their liabilities and commercial property losses. Not so. Many homeowner's policies don't include coverage for business assets or business-related lawsuits. If they do, that coverage is likely a fraction of the protection a Business Owner's Policy offers.

So if, for example, you have a client over to your house for a meeting and your tiny Pomeranian chews on their Prada briefcase, don't expect your homeowner's policy to cover that property damage.

To learn more about the limitations of a homeowner's policy, check out our infographic "Is Your Home-Based Business Covered?"

5. Independent Contractors

As far as the IRS is concerned, there's not much distinction between a freelancer and an independent contractor. Both work for businesses on a project-by-project basis, both work for themselves (meaning they can pick and choose their work), both are responsible for paying self-employment and income taxes, and both need their own insurance coverage.

So if you rent a booth in a salon, you're an independent consultant, or you receive a 1099 from a client, you're an independent contractor. As such, you assume the liabilities that come with your line of work.

For example, say you do rent a booth at a salon. You use a type of hair dye on a client that causes an allergic reaction. That client could sue you over the resulting medical expenses. That's why it's smart to have General Liability Insurance, which can provide coverage for third-party injuries, and Errors and Omissions Insurance, which can step in when you're sued over providing subpar work.

Also worth noting: your clients may require you to carry insurance anyway, so taking the initiative now can make you more marketable later. To learn more about the freelancer insurance or contractor insurance clients may require, read "The Small-Business Owner's Guide to Contractor Liability Insurance."

Uber Ruling: Driver Is Employee, Must Get Workers' Comp

30. June 2015 08:57

driver cheering in a green car

The California Labor Commissioner's Office finally reached a decision that could have sweeping implications for Uber drivers. According to The Washington Post, regulators ruled that Uber drivers are employees, not contractors.

Uber tried to argue that drivers can't be employees because the company allows them to pick and choose when they want to work and which rides to accept. The commission disagreed, noting that Uber vets drivers and doesn't allow them to set their own rates.

So far, this ruling only applies to the woman who filed the case (the report notes that she "just wanted her money back"). But it could set a precedent for thousands of other lawsuits or a class-action suit for similar changes.

Of course, there will likely be an appeal or multiple appeals, but for now, let's take a look at what the implications of this case could mean for Uber and the share-based economy at large.

Uber Costs for Uber

Say this ruling does stick, and from now on, Uber and its rideshare ilk have to classify drivers as employees. What would that mean in practice?

In short, Uber would be responsible for a whole host of costs it dodged before:

Uber may have as many as 160,000 drivers nationwide, according to The Washington Post report. Unless the rideshare company has a deep employee-expense cushion built into its budget, those drivers may represent a serious ding in the bottom line.

Why Small Businesses Should Stay Tuned on the Great Uber Debate

The Uber case is a good reminder that misclassifying employees as independent contractors is a pricy misadventure. The Department of Labor continues to aid states so they can enforce proper worker classification through auditing programs. Employers who inadvertently misidentify employees as freelancers may be fined for violating Workers' Compensation laws and required to pay for other benefits and taxes.

Though you may very well find yourself in the position where you have to distinguish between employees and contractors when you hire help for your own business, you may be on the other side of the coin, too. For example, you may make a living as an independent contractor who offers services like those enabled by Uber or other tech platforms. These rulings may make it more difficult to preserve your freelancer status.

Regardless of what becomes of this ruling, one thing is certain: attitudes toward what work means and how it should be compensated in a share-based economy are still in flux. Hopefully, the trend toward fair compensation and benefits continues.

To learn more about app-based services clashing with old laws, read "ADA Compliance Continues to Plague Some Startups."

5 Business Events that Should Trigger Password Changes

29. June 2015 07:48

keys in door lock

A 2014 SplashData survey found that the password "123456" is the most common password exposed by data breaches. Though we've all heard how dangerous it is to use easy passwords, reuse them, share them, list them in a file, or write them down on sticky notes and affix them to computer screens, it seems passwords continue to be the downfall of businesses.

If you want to keep passwords from undermining your business's digital security, you have to watch out for these five small business events. When they happen, you should change the passwords on your essential accounts right away.

1. An employee leaves.

When an employee leaves, they take your information with them, even if they just stow it away in their minds. Keeping the same old passwords can leave the door open for would-be hackers.

For example, The Washington Post reports that the FBI is investigating how staff members for the St. Louis Cardinals hacked into the Houston Astros' network to access proprietary statistics, scouting reports, and trade discussions. When the Cardinals executive Jeff Luhnow became the general manager for the Astros, he took a lot of sensitive information with him. Investigators think St. Louis team officials used a master list of Luhnow's old passwords to break into the Astros' network.

Businesses that use shared passwords or reuse old passwords may be at risk when a disgruntled employee decides to use that information to access your network or give others access to it.

2. You have to give temporary access to someone.

If you hire a contractor, a temp worker, or your employee steps into a new role, you may need to dole out access to restricted parts of your network. However, once these workers no longer need access, void their login credentials and change the password. After all, Target's data breach was only possible because hackers were able to steal the HVAC contractor's login credentials (more on that in "How to Keep Your Business Partners from Exposing You to Data Breaches").

3. You notice suspicious activity.

If your bank account has been drained or your credit card is maxed out even though you haven't spent a dime, you can be fairly certain someone has gained access to your financial accounts. But really any fishy behavior on any business account should trigger a password change. It can't hurt to err on the side of caution, at least.

4. You log on to a public computer or network.

Can't remember if you logged out when you checked your email on a public computer? Don't chance it. Better to change your email password now than to regret your overconfidence later.

5. Someone tried to phish you.

If you or an employee receives a phishing email, be sure to delete the message from your business servers and promptly require employees to change their passwords. Read more about how to detect a phishing scam in "23% of Small Business Employees Still Make This Critical Mistake."

Password Dos and Don'ts

If any of those five events happen at your business, it's time to queue up the reset password option on all your major business accounts (e.g., network logins, email, etc.). Before you choose a password, be sure you pick one that can't be easily cracked. Here are some tips to keep in mind when you switch your locks:

  • Don't reuse old passwords. Reusing old passwords gives hackers an easy way to exploit your system, resulting in a data breach.
  • Don't use simple sequences. Avoid a sequence of numbers such as "123456" or "567890." Letter sequences such as "qwertyuiop" (the top row of letters on a standard keyboard) are also weak choices.
  • Don't use a favorite sport. SplashData notes "baseball," "football," "hockey," "soccer," and "golfer" are popular password choices, as are favorite teams (e.g., "yankees," "eagles," "steelers," "rangers").
  • Don't use your birth year. Avoid your birthday day, month, and year altogether.
  • Don't use common names. According to SplashData's survey, "Michael," "Jennifer," "Thomas," "Jordan," "Hunter," and "Michelle," all make regular appearances on the frequently used passwords list.
  • Do use a combination of letters, numbers, and special characters. Capitalize at least one letter, use a unique key (e.g., "?" or "%") in conjunction with your set of letters and numbers.
  • Do use two-factor authentication. This requires a secondary form of authentication, such as a code sent via text message that you must enter to log in.
  • Do change your passwords frequently. For email, you may want to change your password once a season. Social media account passwords can be changed biannually.

For more tips on shoring up weak security links that lead to data breaches, read "Avoiding a Data Breach: Lessons from TurboTax."

Why Small Businesses Shouldn't Hire 70% of Employees

26. June 2015 08:00

bored employees snoozing at a meeting

Take a look around your workplace. What do you see? If your workers reflect the findings of Gallup's "State of the American Workplace" survey, you may be surprised to realize only 30 percent of your employees are engaged in the work they're doing. According to the survey, the majority of employees are…

  • Disengaged (52 percent).
  • Actively disengaged (18 percent).

In terms of productivity, Gallup asserts the employees who are phoning it in cost businesses $450 billion to $550 billion in lost productivity a year. So while it may seem harmless when some employees relentlessly surf Facebook and keep giving their job minimal effort, know that this dead weight can be measured in gold.

Gallup also notes that disengaged employees are more likely to:

  • Steal from their companies.
  • Miss work.
  • Repel customers.
  • Negatively affect profits.

Plus, disengagement and high turnover rates seem to go hand in hand.

In short, disengaged employees are bad for business and you can't afford to hire them. With a small business, you need every hand on deck because you don't have many employees to spare.

But what makes for an invested employee? Gallup's research notes more education isn't a good marker for high engagement, especially if the employee is underemployed. Women are typically more engaged than men, but only slightly (33 percent vs. 28 percent, respectively).

Let's take a look at how to improve employee engagement.

Employees, Engage!

Unfortunately, you can't just snap your fingers to get your employees to feel as though they have a stake in your business on a daily basis. But these tips can help you development employee engagement little by little.

  1. Pick your managers wisely. The Gallup report notes that who you name as manager may be the biggest single factor in whether or not your employees tune in when they clock in. If you're the only one running the show, know that you can't just give marching orders and expect high quality work. You have to interact with your workers and build relationships. That's the primary way to ensure they care about the future of the company – they have to feel invested in its leaders.
  2. Allow flexible work options. The survey notes that remote employees are more engaged than in-office employees. If you can offer telecommuting options, do so. If you can't, explore other flexible work arrangements and schedules instead.
  3. Develop employees' skills. Part of keeping employees engaged means giving them the tools to succeed in their work projects and their careers. This may mean offering to help pay for continuing education courses, thoroughly training employees, or nurturing employees' talents and interests by giving them work that exercises those skills.
  4. Recognize good work. In team meetings, be sure to mention employees whose work stood out. Public recognition can be a powerful motivator. Another variation is to let employees recognize each others' good work at these meetings by giving them the chance to note accomplishments or problem solving they admired.
  5. Listen. If employee feedback is valued, workers will feel as though they have an actual stake in the company.

Did you accidentally hire a disengaged employee? Before sending them out the door, learn more about how to handle a problematic employee in "Small-Business Owners: What Happens When You Hire the Wrong Person?"

Can't Pay Your Employees During a Shutdown? Business Interruption Insurance Can

25. June 2015 07:54

taking money out of a wallet

It's not often employers make headlines for treating their employees well, but we have to admit, it's a nice change of pace from reports of employees being underpaid, hurt at work, discriminated against, or fired en masse.

According to Entrepreneur, Bruce Kroll, the owner of a Culver's restaurant, was at a crossroads after a fire demolished the building – let his 40 employees go or figure out a way to keep them on the payroll. The interview states his insurance would only cover two months' worth of their pay, but what about the rest of the months the business would be closed for repairs?

So Kroll says he did what made the most business sense to him – he paid the remaining four months of wages out of pocket. Though it ran him about $140,000, he tells Entrepreneur it was worth it to keep the team that helped him create his business.

It's an inspiring story, but one that begs the question: what is a small-business owner to do when they want to keep their team, but they can't afford to pay salaries out of pocket while the business is inoperable?

Sounds like a job for Business Interruption Insurance.

Retain Talent While You Rebuild with Business Interruption Insurance

Perhaps you've heard of Business Interruption Insurance before – we talk about it quite a bit, given that it's hurricane season, fires can blaze any time, and disasters are expensive. But did you know one of the biggest benefits of this policy is that it can help you pay your employees' wages even when a covered disruption keeps your business from generating revenue?

This policy typically offers up to 12 months of lost income coverage, which means you can keep your employees even if it takes your business a year to rebuild. However, be sure to read your policy carefully so you know exactly how long your benefits last.

Here are some other things worth noting about Business Interruption Insurance:

  • This policy kicks in three days after a covered Property Insurance event (e.g., fire, windstorm, or theft) grinds your business to a halt.
  • It can help pay for ongoing expenses while your business rebuilds, including employee salaries, taxes, and loans.
  • Some policies can provide Contingent Business Interruption Insurance, which covers lost income when your supplier's interruption forces your business to temporarily shut down.

You may think you'd have to pay high dollar for this kind of protection, but you might be surprised to learn Business Interruption Insurance is often part of a Business Owner's Policy, a package known for its affordability.

The Unsung Benefits of Income Protection

Possibly the biggest appeal of Business Interruption Insurance is that it gives you the financial means to keep your team together. Even if that doesn't garner you national attention, it will most definitely inform your employees' opinion of your business.

By taking care of your employees, you take care of your business, too. When you can continue to pay your employees even though your business is at a standstill…

  • It demonstrates that you value your workers and want to do right by them.
  • It allows your business to get back on its feet quicker because you won't have to worry about replacing your talented team.
  • It builds employee loyalty because they feel they can trust your leadership in times of upheaval.

To learn more about why Business Interruption Insurance may be a smart investment, read "How Business Interruption Insurance Fits Into Your Disaster Recovery Plan."

PA Supreme Court's Ruling Could Mean Greater Liability Protection for Small Businesses

24. June 2015 08:09

judge in front of a justice building

Hold on to your hat – this case is a winding road through hilly insurance territory.

According to JD Supra, insurance companies in Pennsylvania clung to a 1967 ruling that affirmed commercial liability policies exclude coverage for additional insureds when the policyholder's employee sues them over work injuries. Insurance companies claimed employer's liability exclusions, which virtually all commercial liability policies have, applied to both the named insured and additional insured. In other words, additional insureds didn't have to worry about getting sued by a policyholder's employee – the lawsuit just wouldn't hold water, and so coverage wouldn't apply.

That was the status quo until a recent case involving the insurance company Mutual Benefit made the Pennsylvania Supreme Court rethink its decision from 1967. The report states that now insurance companies can't use the standard employer's liability exclusion to deny coverage to an additional insured that is sued by the named insured's employee.

That's both bad news and good news. Here's why:

  • Named insured's employees can sue additional insureds over work injuries because they aren't the employer and don't provide Workers' Comp benefits.
  • Additional insureds may be able to draw on the named insured's General Liability Insurance policy to address the lawsuit.

That's a lot of insurance talk to take in, so let's break this down into a digestible example.

The Skinny: Additional Insureds Have More Liability Exposure, but also More Liability Protection

Before we get down to brass tacks, let's establish that as a small-business owner, you may be a named insured – that is, the owner of your very own insurance policy. In some situations, you may also be an additional insured, meaning you are listed on another business's insurance policy. For example, if you do freelance work, you might ask for additional insured status to protect you from lawsuits you might face for doing work for someone else. It's a smart safeguard for when you can't really control the final outcome or course of a project.

Now let's tackle this new wrinkle in your insurance world.

Let's say that you are a construction contractor, and as such, you are an additional insured on your architecture client's General Liability policy. You're working on a residential project and your client sends an architect to supervise the work. One day, you accidentally drop a hammer on that architect's head at the very moment he briefly removed his hardhat. The timing was truly tragic.

The architect makes a claim on your client's Workers' Compensation Insurance policy to cover the medical bills for his work injury. The employee can't sue his employer over the injury if he accepts the employer's Workers' Comp benefits (medical costs, replacement wages, etc.). In most states, this is called the "exclusive remedy rule."

But the head trauma has had a lasting negative impact on the employee, so he seeks alternate avenues to get additional compensation for the injury. He decides to sue you. However, so long as the new Pennsylvania ruling stands, you can draw on your client's General Liability policy (which can address lawsuits over third-party bodily injuries) to cover the claim because you're listed as an additional insured.

So, What Now?

The takeaway is that if you're an additional insured, a named insured's employee can potentially sue you. That said, insurance companies can't rely on the employer's liability exclusion to deny your coverage when you make a claim on the named insured's policy for the lawsuit. All in all, it's really the insurance companies that are most affected by the PA ruling.

However, for small-business owners who have additional insureds, this could mean their policies may bear the brunt of more claims. On the other hand, insurers will probably take steps in the future to ensure policies won't allow for this type of coverage.

This is pretty complicated stuff, so if you still have questions, please feel free to talk to one of our insurance agents.

When an Arbitration Clause Might Not Actually Help Your Business Avoid a Lawsuit

23. June 2015 08:14


A new case involving Uber highlights that arbitration agreements may not be as bulletproof as many would like to believe. According to the Los Angeles Times, a California judge ruled that Uber's arbitration clause in its drivers' contracts is unenforceable. That's because…

  • The contracts' wording is too vague.
  • The drivers couldn't easily opt of the 2013 arbitration agreement.
  • Under California law, the clause is considered oppressive.

The report notes that Uber's arbitration opt-out option was squirrelled away near the end of the contract. To complete the opt-out option, drivers were required to hand-deliver a note to Uber's San Francisco headquarters or send a note via an overnight delivery service. That's a lot of legwork to avoid a supposedly voluntary clause.

Though this case may be more bad news for Uber – a company that's no stranger to litigation these days – it emphasizes that contracts are useful risk management tools, but they can't be your only line of defense.

Sign Here: Why Contracts Alone Aren't Enough

This should come as no surprise to anyone: litigation is expensive. It can take months or years before a case even goes to court, and all the while, attorney fees keep ticking like a meter in a cab zipping circles around the city. That's why big companies, startups, and small businesses often hang their hats on arbitration clauses in their contracts.

Here's how it works:

  • When an employee or a client signs a contract that contains an arbitration clause, they agree to settle disputes out of court.
  • If a conflict arises, an arbitrator (i.e., a neutral third party) will be called in to hear arguments from both parties, assess the evidence, and decide on the dispute.
  • It's a much cheaper and quicker alternative to litigation.

For many businesses, these clauses may seem like a concrete risk management move. After all, once the party signs the dotted line, they can't "go back" on their word, right?

But the Uber case clearly demonstrates that even when you have arbitration agreements in place, you may still have to go to court, especially if those clauses are overbearing. Even tame clauses can be challenged. So the big takeaway here is that even when you anticipate risks and try to manage disputes with contracts, you can still get hit with lawsuits.

That's why it's essential to have insurance policies that can help you handle legal expenses in case you're accused of wrongdoing.

Insurance as a Safety Net for Challenged Contracts

Obviously, the goal for any business owner is to avoid lawsuits. They are hard on both your wallet and your reputation. Small business insurance – especially liability insurance – is a necessary fortification for your business contracts.

If your arbitration clause is challenged and a judge agrees it's too far-reaching to be enforceable, at least you have the peace of mind that you won't have to pay all your legal expenses out of pocket. Instead, you simply pay your insurance premiums and meet your deductible, and hopefully, your coverage can handle the rest.

Here are a couple small business insurance policies that might come in handy if an arbitration clause can't keep you out of court:

To learn more about how business insurance and contracts work together to form a comprehensive risk management strategy, read "Case Study: How Good Contracts Can Protect You From Legal Trouble."

Whoops! Cleaning Up Your Digital Blunders

22. June 2015 08:07

man holding his head in his hands

We’ve all made mistakes in business and in life, but now that so many things live forever on the Internet for all to see, online mistakes are harder to redeem – even if you correct them immediately.

On the plus side, the speed of the web has made people a bit more forgiving when it comes to simple grammar or copy editing mistakes. On the negative side, mistakes like these still make your business look unprofessional, and that can cost you.

Here are some common digital blunders you’ll likely make at some point and how to make amends:

  1. Failing to proofread your copy. A spelling mistake on your website might not seem like a big deal, but it sends a message to your customers that you don’t care about the details, and that’s not good. Make sure you hire a copy editor to go over your marketing materials and your website to correct grammar and spelling mistakes. Your email messages matter, too. All email programs have spelling and grammar tools – use them.
  2. Responding to unfavorable reviews. You may not like a negative review made about your business, but the worst thing you can do is to lose your temper online. Quickly respond by offering to return the money, offer a discount, or simply ask the disgruntled customer to contact you offline so you can fix the situation.
  3. Offending followers on social media. In general, it’s a good idea to stay away from controversial topics online. Don’t support a specific political candidate or bash any social group. On the other hand, if your business is all about conservation and the green movement, followers need to know where you stand on those issues and speaking out can only help your business to get your message across. Just remember to stay polite and open minded when it comes to social media. Offend the wrong person, and the word will spread quickly.
  4. Sending the wrong email or text. If you realize you’ve sent an email to the wrong person, your best bet is complete transparency. Own up and explain what happened, quickly and simply. If the email or text was offensive, offer an apology and make sure the recipient knows this has nothing to do with them. If it actually did have something to do with the recipient, use the opportunity to clear the air. Best rule of thumb: imagine every email you send might end up on the Internet, and write accordingly.

Rieva Lesonsky is CEO of GrowBiz Media, a media and custom content company focusing on small business and entrepreneurship. Email Rieva at, follow her on Google+ and, and visit her website to get the scoop on business trends and sign up for Rieva’s free TrendCast reports.

Three Cheers for Net Neutrality? If You're a Small Business, Yes

19. June 2015 07:51

business man throwing confetti in his own face

No blocking. No throttling. No paid prioritization.

Those are the three cornerstones of the FCC Open Internet rules that took effect on June 12, 2015. And if you're a small-business owner, that news should indeed be music to your ears. Why?

Because the FCC now has the power to ensure Internet providers don't abuse their control by favoring companies that can pay high dollar for "fast lanes." With the rules in place, your website's visitors can keep getting to your site at the same speed they visit any other site. In other words, your big competitors can't pay to have their content prioritized while Internet providers jam up your web traffic just because you didn't fork over the extra toll.

Maybe think of it this way: net neutrality is like all businesses being equally near public transportation. It doesn't guarantee that people are going to use that transportation to visit your business, but it does ensure that people can get to you without having to take 10 detours and walk a mile whereas they are dropped at your large competitor's front door.

Metaphors aside, let's take a closer look at the so-called "bright line" rules of net neutrality and what these rules might mean for the future.

Turn On the Bright Lines

According to a helpful Q&A by The Washington Post, here's what the FCC's three bright line rules mean:

  1. No blocking. Internet service providers (ISPs) can't block legitimate traffic on their networks. So long as the content is legal, they must let visitors access it.
  2. No throttling. ISPs can't make sites they don't like load slower.
  3. No paid prioritization. ISPs can't accept payment from website operators in exchange for faster content load times.

These rules aim to equalize the Internet, which gives small businesses a chance to thrive without being stalled simply because they can't pay for fast lanes or because their content is controversial or niche.

That isn't to say ISPs can't charge based on Internet speeds. Rather, think of the Internet service as a highway where you pay based on how fast you want to go. However, the highway operator can't prevent cars from moving just because it doesn't like where the vehicles are headed.

According to the Q&A, Internet service providers (e.g., telecom companies, cable companies, and wireless carriers) are most affected by these rules. ISPs have the financial incentive and technical abilities to abuse the Internet experience, which is why the FCC classified broadband companies under Title II of the Communications Act. Doing so gives the FCC the ability to intervene when ISPs try to flex their muscle.

Net Neutrality and the Future

The bright lines rules aren't the whole net neutrality story. The FCC wanted to leave enough wiggle room so that its rules can adapt even as technology changes. According to The Washington Post report, the "general conduct" standards give the FCC the ability to police future ISP behaviors that aim to:

  • Stifle competition.
  • Limit free expression.
  • Curb innovation.

These standards are essentially a loosely written warning that advises carriers to tread lightly.

How these rules will adapt to future technology remains to be seen. Though we can't predict the future, we can say this much: it's starting to look pretty bright for small businesses that depend on an open Internet in order to operate and compete.

5 Things You Do Every Day that Put Sensitive Data at Risk

18. June 2015 08:04

business woman throwing paper into the air

Most of the time, little slipups won't bring the sky falling down around you. But over time, not paying attention to how you dispose of your information or how you conduct your online affairs can lead to data breaches. And as we've pointed out before, data breaches aren't cheap. At best, they cost small businesses an average of $8,699. At their worst, they force 60 percent of small businesses to close up shop within six months.

Really, that's all the incentive you should need to run a tighter ship. But where do you start? Here are some risky behaviors to watch out for.

1. Throwing out old paperwork without shredding it.

Sometimes your desk may look less like a surface and more like a paper holding cell. All those forms, documents, and files take up physical space and brain space (which can hamper productivity). You may be tempted to just throw it all away.

While that can definitely clear your desk, it also gives data thieves a buffet of tasty information. An enterprising crook might find…

  • Doctor's office receipts.
  • Pay stubs.
  • W-4s, W-2s, or 1099s.
  • Employee information.
  • Bank statements.
  • Client information.

Each of these items contains a plethora of personal information that could allow thieves to hack your business accounts, swipe your clients' sensitive data, and steal identities.

According to WPXI News, a Pennsylvania YMCA is in hot water for dumping hundreds of employee files in the trash, which exposed Social Security numbers, birthdays, driver's licenses, and information on W-4 tax forms and child abuse clearances. Pennsylvania's data breach laws require breached businesses to notify affected parties, but the YMCA is also planning on paying for identity-theft monitoring.

The lesson? Don't throw out your important documents or files without blacking out identifying information and shredding them first.

2. Using the same password everywhere.

If you want to take your data security seriously, you need to ditch the same-password habit stat.

If you rely on the same password for your all your accounts – online banking, social media, and business email – one hacked account could give a hacker the keys to your other castles. Bite the bullet and create complex, unique passwords for each important account. For extra credit, you should implement two-factor authentication and change your passwords regularly.

3. Using default passwords on PoS systems.

According to a Computerworld report, the 2015 Trustwave Global Security Report states point-of-sale systems are still a primary target for hackers. It's clear to see why hackers would target these systems – they store hordes of customer financial information. A veritable jackpot.

That's not the only enticing thing about PoS systems. These also have a reputation for weak security. Trustwave affirms that 56 percent of all PoS hacks were made possible by insecure remote access software and weak passwords.

Again, change your passwords regularly, and never, ever keep the factory password assigned to your PoS system.

4. Relying on one smart phone or tablet for work and personal use.

Let's face it: when you're off the clock, cyber risks may not be at the top of your mind. You're scrolling through social media feeds and probably clicking whatever links pique your interest.

But if you use the same devices for both your work and personal life, any malware you inadvertently introduce to your system could corrupt or expose your sensitive business data. If your clients are affected, you may lose client trust and their business.

Play it safe and keep separate devices for work and personal use. For more security tips, read "Running a Business from Your Smartphone? Know How to Stay Safe."

5. Copying sensitive documents on public machines.

If you've ever used a pay-by-the-page copying or printing service, know that it could cause trouble down the road. Even innocuous machines like copiers, scanners, and printers have hard drives that store digital versions of those documents.

It may be more of a hassle to use your tiny printer for big printing jobs, but it might be a better alternative to risking sensitive information falling into the wrong hands. At the same time, be careful when you want to dispose of your old scanner or printer – you'll need to wipe your data from it first. Read more on that in "How Tossing Electronics Can Turn into a Professional Liability Lawsuit."

Customer Rating 4.9 out of 5
Read Customer Reviews