☰ Navigation

1-888-643-2217 Email ABEX
Keeping you updated

Archives

15 Risk Mitigation Tips for Airbnb Hosts

Posted on by

Colourfull condosProperty owners have a unique opportunity to efficiently rent out their entire home, a spare bedroom or other accommodation through the online service known as Airbnb. For travellers, Airbnb is a convenient, web-based platform that provides affordable and flexible alternatives to hotels. For property owners, the tool easily connects various rental units with prospective occupants and makes collecting payments simple and secure.

Despite its convenience and the potential for profit, Airbnb is not without its risks for those who decide to list. Before renting out your home or spare room through Airbnb, keep in mind the following tips:

1. Acquire the proper insurance.

Proper insurance is key to mitigating the risks associated with Airbnb. Take the time to review your renters or homeowners policy with ALIGNED Insurance Inc. to make sure you have adequate coverage in place.

2. Complete a home safety inspection.

Safety inspections can help Airbnb hosts address risks before they balloon into bigger issues. Before listing your property on Airbnb, complete a thorough home inspection and address all of the safety hazards you identify.

3. Screen all guests.

Prior to allowing guests to stay in your home, it’s a good idea to check their background. To begin, ensure that prospective guests are verified through Airbnb. You can also review any connected social media accounts and read guest references through the site. Above all, trust your instincts.

4. Set clear rules.

Through Airbnb, you can create guidelines for guests by completing the House Rules, Home Safety Card and House Manual sections of your profile. This allows you to set clear rules for guests around etiquette and safety.

5. Establish occupancy limits.

Limiting the number of occupants that can use your property will help ensure that guests are comfortable and safe during their stay. Occupancy limits should take into account the size of the property and local regulations.

6. Add a security deposit.

Adding a security deposit to your Airbnb listings can lessen the financial blow in the event of damaged property or another incident.

7. Secure your valuables.

When you open your home to guests, there’s the potential that valuables could be damaged or stolen. To protect expensive items, consider moving them into a safety deposit box or to a secure off-site location.

8. Protect sensitive information.

Your property isn’t the only thing you need to worry about when inviting guests into your home. To help prevent identity theft, make sure that guests cannot gain access to any files (physical or electronic) that contain sensitive personal information.

9. Install smoke and carbon monoxide detectors.

Safety equipment like smoke and carbon monoxide detectors should be installed around the premises to protect guests and your property. Emergency exits should be properly labelled as well.

10. Child-proof your premises.

It’s likely that some of your guests will have children. To protect younger guests, take the time to properly child-proof your home.

11. Keep your accommodations maintained.

Good housekeeping can help guests avoid common injuries such as slips and falls. Prior to each stay, examine your home for any new housekeeping issues that must be addressed.

12. Provide contact information.

Always supply your guests with information sheets that indicate local emergency numbers and the nearest hospital. Provide a clear emergency contact number for yourself, as well as backup, for easy guest reference. Also make clear how you should be contacted if the guest has questions or issues arise.

13. Supply a first-aid kit.

In addition to providing emergency contact information, having a first-aid kit readily available and fully stocked at all times is important to guest safety.

14. Verity compliance with regulations.

Regulations around Airbnb hosting can differ depending on your location and the type of accommodation you are renting out. Double-check that you are compliant with local and provincial laws before using Airbnb.

15. Notify those who could be impacted by your guests.

When you host guests through Airbnb, there is the potential that neighbours or roommates could be impacted. To avoid unnecessary conflict, let your neighbours or roommates know ahead of time that guests will be using your property.

 

© Zywave, Inc. All rights reserved.

4 Tips for Avoiding Kidnappings Abroad

Posted on by

prisonerCanadian John Ridsdel was kidnapped by a terrorist organization and held for ransom while visiting a resort island in the Philippines in September of 2015. In April of 2016, Ridsdel was killed by his captors. A retired executive, Ridsdel was an avid traveller and knew the region he was visiting well—proof that kidnappings abroad can happen anywhere and to anyone.

This tragic incident helps illustrate just how important it is for businesses that allow their employees to travel abroad for work to protect those workers. The following are four tips employers should share with their employees to ensure safety abroad:

  1. Be aware. Most kidnappings can be avoided if the employee is aware of his or her surroundings. Having a deep understanding of the culture and how you may be perceived can go a long way toward avoiding dangerous situations. Ensure that your employees understand how to properly conduct themselves in public.
  2. Transportation. Ensure that you have provided approved transportation to your employees. Never provide transportation you are unsure of, as this can be dangerous. Employees should also be advised to avoid spontaneous trips to unfamiliar areas.
  3. Vary your schedule. Sticking to a daily routine is good for planning, but it can make an employee an easier target for kidnappers. For long-term trips, instruct employees to change up their routes to and from their hotels as possible.
  4. Be wary of the local authorities. Abroad, the local police can be an invaluable resource to your employees in the event of an emergency. However, they can sometimes be just as dangerous as the kidnappers themselves. In fact, in some foreign countries, local police may do the kidnapping themselves or play a role in helping kidnappers capture unexpected travellers.

To further protect employees, businesses should consider purchasing a kidnap and ransom insurance policy. This type of coverage is a stand-alone policy designed for those businesses whose employees travel internationally, and it covers costs related to kidnapping, ransom, wrongful detention, extortion and hijacking.

© Zywave, Inc. All rights reserved.

The Risks of Allowing Employees to Use Tablets

Posted on by

iStock_cell & tablet-000022454376SmallTablets and other such devices have become increasingly common in the average workplace. And, while these devices can be important for your employee’s daily work, they also represent a cyber risk if they are not properly managed.

The following are just a few of the major risks associated with having tablets in the workplace:

  • Mobile malware. Tablets are typically infected by malware via malicious apps and phishing scams. When this happens, a cyber criminal can gain unauthorized access to the device and associated network systems. In general, iOS tablets like iPads are safer from malware than Android tablets. However, mitigating the risk of malware typically comes down to the user. Workers should avoid downloading unfamiliar apps.
  • Loss of data. Following a security breach, data loss is inevitable. For tablets, this could mean that users are locked out of their devices altogether. To protect your business, employees should always back up their data, and ensure that no sensitive or proprietary information is stored on it.
  • Unsecured networks. Unsecured networks are a particular concern for tablets because they are easy to take on the go into areas with free and public Wi-Fi connections, like cafés and airports. These connections are not always secure and can be easily hacked by cyber criminals. To prevent this, employees should be reminded that no public Wi-Fi is safe. For further protection, offer a virtual private network (VPN) that your employees can utilize to safely use the internet off-site.
  • Theft. In addition to virtual threats from hacking and phishing scams, cyber criminals could just as easily steal the tablet itself. This could give them unlimited access to proprietary or personal information. To combat this, employees should never leave their devices unattended. Using a secure password can also help prevent theft of information.

Above all, employers should have a personal device policy in place that accounts for security threats. Employees should know what they can and cannot do with their devices and how to protect the sensitive information contained within. These policies should be extended to other personal devices with internet access, such as smartphones.

4 Takeaways from a Cyber Study

Posted on by

Cyber lock with chainsThe Scalar Security Study is an annual report that examines how prepared Canadian businesses are for cyber threats. Specifically, the study surveyed 654 IT and IT security practitioners to determine the average cost of a cyber attack, whether organizations feel prepared for cyber threats and what tactics they find most effective when it comes to protecting themselves. The following are some of the major findings from the study:

  1. The number of cyber attacks is increasing. Survey responders reported experiencing an average of 40 cyber attacks per year. This number represents a 17 per cent increase compared to last year’s report. It’s important to note that many of these cyber attacks related to the loss of sensitive information.
  2. Organizations are less confident in their ability to protect themselves. Cyber attacks are increasing in frequency and sophistication. What’s more, insufficient personnel or lack of in-house expertise were found to be the major reasons for why organizations felt unprepared for the increasing threat. In fact, only about 37 per cent of organizations felt they are winning the war against cyber criminals.
  3. Organizations are concerned about security threats from mobile devices. Mobile devices and applications were two of the major security concerns for organizations. These risks require both technological and internal governance to help mitigate the risk.
  4. Intellectual property is a major and expensive target of cyber criminals. The loss of intellectual property and other proprietary information due to cyber attacks impacted 33 per cent of the businesses surveyed, with the average cost of the loss coming in just under $6 million.

In addition to the above, the report found that cyber security threats will increase in severity. Businesses will need to adapt to the changing landscape if they are to protect themselves from the devastating losses associated with cyber crime.

©  Zywave, Inc. All rights reserved.

Preventing Social Engineering Attacks

Posted on by

Social EngineeringReliable security systems can prevent losses for your business. While many businesses invest large sums of money into building sound physical structures and robust IT systems or even hiring on-site security guards, they often overlook the biggest security vulnerability—people.

No matter how dependable security systems might be, people with authorized access to those systems will always be a vulnerability. That’s why criminals have begun employing a series of tactics called “social engineering” to convince people to give them access—something that costs companies billions each year, and is completely preventable.

What is social engineering?

Social engineering is the art of accessing information, physical places, systems, data, property or money by using psychological methods, rather than technical methods or brute force. In order to do so, social engineering relies upon a set of tactics that exploit psychological weaknesses and blind spots in order to convince victims to give social engineers what they want.

That’s what can be so dangerous about social engineering—criminals can use psychological blind spots to have employees willingly give unauthorized parties access, information or property. These attacks can occur in a number of different forms, including a well-crafted spear-phishing campaign, a plausible-sounding phone call from a criminal posing as a vendor, or even an on-site visit from a “fire inspector” who demands access to the company’s server room.

Psychological Weaknesses

There are a number of different types of attacks, but social engineers almost always prey upon the following psychological weaknesses in order to get what they want:

  • Fear of conflict. People dislike conflict and confrontation and will use almost any excuse to avoid them. Social engineers exploit this by exuding confidence when they ask for information or physical access that they have no right to. When social engineers display confidence, most people prefer to comply with requests rather than challenge them.
  • Getting a deal. Confidence artists have always relied upon the greed of their victims; social engineers exploit a similar principle. These criminals have often been known to use gifts and giveaways to get victims to let down their guard. Sometimes, the giveaway itself will be used to masquerade a piece of malicious code that the unsuspecting victim then uploads to his or her computer.
  • Sympathy. Sometimes, social engineers employ a softer tactic, using charisma and humor to gain sympathy or to ingratiate themselves to an individual or group. By establishing rapport and breeding positive feelings, victims are too distracted to realize that they’re being scammed.
  • Need for closure. The need for closure is a well-documented psychological need, and one which social engineers exploit. In the event that they are ever questioned or confronted, social engineers who’ve done their homework will have an answer to any challenge or question likely to come their way. In most cases, any answer—even if it’s undocumented, unsubstantiated or blatantly untrue—offers people psychological closure, giving them the sense that they’ve done their due diligence.

Preventing Social Engineering Attacks

Educating your employees is essential to minimizing the risk of social engineering. Even the best security system will fail if employees willingly allow unauthorized use of their workstations or email their system credentials to a criminal. In order to make your educational efforts stick, consider employing the following strategies:

  • Encourage your employees to “Stop. Think. Connect.” The “Stop. Think. Connect.” campaign is a global initiative that encourages people to be smarter about online privacy and security. The motto is an easy-to-remember way to approach divulging sensitive information, both in person and online.
  • Make a personal connection. The same principles that make your company vulnerable can make your employees vulnerable in their personal lives. Show employees how the same practices for security at work will make them more secure in their personal lives as well.
  • Use “social proof” to your advantage. Social engineers will often deploy social proof—evidence of a large number of people or select important people engaging in a behaviour as proof of its validity—in order to gain compliance. Use that to your organization’s advantage by making sure executives and managers make security a top priority as an example for the rest of the company.
  • Train. Getting the information out there is important, but most adult learners retain more information when they receive interactive training. Consider specific social engineering training that encourages questions and incorporates interactive examples that relate directly to your employees’ work activities.
  • Test. Make sure your educational and training efforts work by conducting regular tests. Despite growing awareness of social engineering tactics like phishing, large numbers of people still open emails and click on links that they shouldn’t. Consider conducting an in-house phishing audit to find out just how many employees have taken their security training to heart.

Remain Vigilant

Your employees will always represent a possible vector of attack for criminals, which is why you should always remember the human factor when considering security. Just as your company upgrades systems and installs software patches, so too should you periodically remind your employees of best practices and determine what new tactics social engineers are using to exploit people.

 

©  Zywave, Inc. All rights reserved.

Blog

FOLLOW OUR BLOG

Receive notifications of new posts automatically.

ABEX - AFFILIATED BROKERS EXCHANGE IS ON FACEBOOK.

Like us on Facebook
Connect with us on LinkedIn

CONNECT WITH US ON LINKEDIN