As insurance advisors to the roofing industry during the Coronavirus pandemic, our clients contact us specifically in regards to insurance as it relates to Coronavirus (COVID-19). The two most frequently asked questions have been:
1. Can I access my business interruption insurance coverage for financial implications caused by COVID-19?
2. We have many office employees working remotely to comply with COVID-19 social distancing regulations; is my company at greater risk of cyberattacks with employees working from their personal computers?
As a result of the unprecedented challenges COVID-19 brings, many businesses are turning to insurance, like business interruption insurance, for help. In the event of a loss, business interruption insurance provides coverage for income a business would have
earned had it been operating normally. It can also help pay for expenses like employee wages, taxes, rent, loan payments and relocation expenses. However, these policies are complex and protection for losses stemming from COVID-19 is typically not included in business interruption policies. The majority of the business interruption policies we have reviewed specifically exclude biological or chemical materials and this includes pathogenic damage. For many roofing professionals, the business interruption portion of their property policy (ISO Form CP0030) is for the necessary suspension of operations wherein the suspension must be caused by direct physical loss of or damage to the insured premises. Further, the damage must be caused by a covered cause of loss. In many cases, covered perils include common interruptions like natural disasters, equipment damage and vandalism. This means that if the insurance policy requires a specific loss (e.g., a fire or earthquake) and the loss in question doesn’t qualify or is not stated explicitly, coverage may not be available. For the vast majority of roofing contractors, COVID-19 will not constitute a designated peril, and business interruption insurance will not respond to losses. Further, business interruption claims may arise from multiple causes, including both covered and uncovered perils. In these instances, the availability of coverage will depend on the policy language and any applicable laws regarding concurrent causes. Once again, insurance coverage for COVID-19-related losses is unlikely.
The Governor is working on some legislation to improve this, such as potentially requiring insurance companies to pay out business interruption claims (even if excluded) for companies with less than 100 employees. The first assistance item was a $50,000 loan with zero percent interest. We are anticipating some additional changes to come through for insurance. The messages are changing daily and we are doing our best to stay current on these constantly changing matters. What is helping is working from home, social distancing and separation of offices.
Information security is one of the greatest challenges for companies allowing remote work during the COVID-19 outbreak. Given the implications of the COVID-19 outbreak, countless employees across a variety of industries, including roofing professionals office staff, are working remotely. While this allows businesses to remain operational, it can create a number of risks, particularly for those who fail to take the proper precautions.
When an employee is at the office, their work is protected by safety standards that keep your company’s network and data secure. However, an employee working from home may not have the same safety measures in place to protect your organization’s devices and information.
In order to safeguard your business and employees from data breaches, cyber scams and viruses, consider the following strategies:
■ Train employees on how to detect and respond to phishing attacks. Criminals prey on unfortunate circumstances, seeking to capitalize on victims during times of panic and hardship. Unfortunately, the COVID-19 pandemic is no exception. Cyber criminals have been known to pose as charities and legitimate websites to lure victims into sending money and revealing personal information. Individuals should scrutinize any emails, texts and social media posts related to COVID-19 and be cautious when clicking any links and attachments. Specifically, employees should be instructed to:
■ Avoid clicking links from unsolicited emails, and be wary of email attachments.
■ Use trusted sources when looking for factual information on COVID-19, such as CDC.gov.
■ Never give out personal or financial information via email, even if the sender seems legitimate.
■ Never respond to emails soliciting personal or financial information.
■ Verify a charity’s authenticity before making any donations.
■ Have a virtual private network (VPN) in place, and ensure employees are using it to access company systems and data when working remotely. VPNs encrypt Internet traffic, which can be particularly useful when your employees are connected to a home or public network. Furthermore, it could be beneficial for your company to prohibit employees from accessing company information from public networks altogether.
■ Mandate the use of security and anti-virus software. This software should be up to date and include the latest patches.
■ Educate your employees on the kinds of sensitive data they are obligated to protect. This could include confidential business information, trade secrets, intellectual property and personal information. When working with sensitive data, employees should take the same precautions they would if they were at the office. They should avoid using their personal email for company business and think critically about the documents they are printing at home. If they must print sensitive information, they should shred the document when it is no longer needed. Encrypting sensitive information can also help you protect any data that is stored or sent to remote devices.
■ Prohibit employees from sharing their work devices with friends and family members. Doing so reduces risks associated with unauthorized or inadvertent access of company information.
■ Maintain employee contact information. That way, if your systems are compromised, you can easily contact your staff and provide the appropriate updates and instructions.
■ Create and communicate a system that employees can use to report lost or stolen equipment. This will help your IT department respond quickly and mitigate potential data loss threats.
■ Require two-factor authentication for all company passwords. Two-factor authentication adds a layer of security that allows companies to protect against compromised credentials. Through this method, users must confirm their identity by providing extra information (e.g., a phone number or unique security code) when attempting to access corporate applications, networks and servers. This additional login hurdle means that would-be cyber criminals won’t easily unlock an account, even if they have the password in hand.
■ Consider security precautions for mobile devices. Proper phone security is just as important as a well-protected computer network. A smartphone could grant access to any number of applications, emails and stored passwords. Depending on how your organization uses such devices, unauthorized access to the information on a smartphone or tablet could be just as damaging as a data breach involving more traditional computer systems. For additional protection, employers should consider backing up data and bolstering network protections as best as they can.
This is simply a snapshot of what we are currently seeing as a result of COVID-19 on the roofing industry. Information is changing daily as state government legislation continues to adapt to these unprecedented times. The Furman Agency also has some additional resources and information to help mitigate the impact of this pandemic, such as a temporary infectious disease mitigation plan.
Tyler Kocis, Surety and Risk Advisor, Furman Insurance, graduated from Indiana University of PA with a Bachelor of Finance. Tyler can be reached at tyler@furmaninsurance.com or by cell at 954-994- 9292 for any questions or additional information.
Previous Article