Bad password practices open retirement accounts to cybercrime. That’s one reason why the Employment Benefits Security Administration (EBSA) has provided plan sponsors with Online Security Tips for use in educating plan participants about protecting their accounts. Let’s get going—dangerous password behaviors abound!
Use Unique and Complex Passwords
Taking passwords seriously is fundamental to cybersecurity, yet research continues to underscore the prevalence of sloppy password behaviors at work and home. For example, a recent study by cybersecurity firm PC Matic found:
- One fifth of employers do not regularly require employees to change passwords
- Nearly one-quarter of us still use the same passwords for home and work accounts
- Half of us check personal emails on work devices—increasing the potential of infiltration.
Plan Sponsor reports that an additional poor practice related to passwords is not knowing how to use password managers. Experts observe that absent password managers, fear of forgetting results in failing to change passwords frequently—and make them sufficiently complex. Risky in any business or home, poor password practices contribute to theft from retirement accounts. Plan sponsors who have not already done so are advised to educate employees and plan participants about the basics of online security—and document all related efforts. The Tips from EBSA include important points about how to:
- Register, Set Up and Routinely Monitor Your Online Account
- Use Strong and Unique Passwords
- Use Multi-Factor Authentication
- Keep Personal Contact Information Current
- Close or Delete Unused Accounts
- Be Wary of Free WiFi
- Beware of Phishing Attacks
- Use Antivirus Software and Keep Apps Current
- Know How To Report Identity Theft and Cybersecurity Incidents
In the face of increasing responsibilities related to the cybersecurity of retirement plans, sponsors are encouraged to step up protection strategies for the plan—and themselves. Remember, that any individual involved in the management of a retirement plan of any size can face personal exposure for breach of fiduciary responsibilities. Don’t go it alone. At Colonial Surety, as a plan sponsor, you can affordably obtain fiduciary liability insurance and cyber liability coverage along with your required ERISA bond . Fiduciary liability coverage gives you peace of mind that your personal assets are protected from a breach of responsibility in the administration or handling of an employee benefit plan, such as a retirement plan. Colonial’s annual premium is less that what you would pay for one hour with an expert ERISA lawyer: Secure Fiduciary Liability Insurance Now.
Cybersecurity Support Especially for Small Businesses
The government’s new guidance puts increased importance on protecting retirement plan data and funds in the cyber era. Confronting the rise in cyber threats, small businesses are generally without access to the services and protections that larger companies are able to put in place. Not having a response plan has resulted in disaster.
Start mitigating your risks with Colonial Surety today. When you select a comprehensive package, you realize the greatest savings—and protection for your business, your plan, and yourself. Colonial’s comprehensive package includes:
- The required ERISA bond which protects the assets of the retirement plan from theft;
- Fiduciary Liability coverage to protect you and your assets from personal liability; and,
- Cyber Liability coverage to safeguard your company and plan from covered losses and expenses in the event of a cyber breach.
Obtain Complete Protection Package Now
Colonial Surety Company is rated “A Excellent” by A.M. Best Company, U.S. Treasury listed and in business all across the country. Serving customers since 1930, Colonial Surety is the trusted source for the pension industry to secure legally required ERISA bonds, fiduciary liability insurance and cyber-liability insurance. We help safeguard plan sponsors– and keep their businesses compliant – with pain-free, efficient, and friendly service every time.