Do I Need Insurance for my Online Business?

Do I Need Insurance for my Online Business?

Insurance. It’s everyone’s third favorite word right? Right after taxes and legal? 

With so many types of insurance for online businesses out there, it can be quite confusing to decide whether you need insurance as an online business owner and if so, what you need and what you don’t. It’s important to look at your business, your clients, and the potential risks (especially cyber risks!) involved in your work when deciding what insurance policies to take out. Let’s dive into the most important things you need to know about insurance for online service providers!

How to Assess Your Cyber Risk as an Online Service Provider

As an online service provider, one of the risks you need to consider for your business is cyber risk. While you may have taken steps to protect yourself by purchasing a pre-packaged firewall or security software, that’s just simply not enough anymore. Hackers and people with malicious intent online are smart. They know how to break right through those firewalls and do costly damage and harm. When you’re assessing your need for insurance, it’s important to ask yourself some key questions to determine the level of your cyber risk. This will help you decide which type of insurance you need for your online business. 

Questions to Ask Yourself When Assessing Your Cyber Risk

  • Does my business handle wire transfer payments, either by sending or receiving? 
    • Funds transfer fraud is one of the most common cyber crimes that results in the most cyber security claims. The lost funds are rarely retrievable.
  • Does my business handle personal identifiable information (PII)? 
    • This includes names, email addresses, billing addresses, credit card information, phone numbers, health information, etc. This could be PII of your client as well as their clients
  • Does my business store critical information about other businesses (AKA, your client’s business)?
    • This could mean losing access to their business information and intellectual property, such as designs and plans, written work, client contracts or stock levels, etc. 
  • How long can my business operate without access to my computer systems, files, or data?
    • As an online service provider, more than likely, all of your work is done via your computer systems. Without access, you can lose out on money quickly. 
  • Do I work remotely?
    • This is a big one when it comes to online service providers, as most do work remotely. Logging in from other networks can be risky. Remote desktop protocols can be attacked. This also includes the risk of lost or stolen devices. 
  • Am I confident that I will never make a mistake?
    • This almost seems unfair to ask, as nobody is perfect! Many cyber incidents involve some level of oversight or human error. Cyber criminals are also masters of psychological manipulation and play on urgency and fear.  

Examples of Cyber Exposures That Put Your Online Business At Risk

With the level of knowledge and malicious intent of online hackers, it’s important to think about various ways that your online service provider business could be exposed. This can help you determine what types of insurance you need for your online business. 

Example 1: 

An online service provider works remotely and travels to the local coffee shop to work in the morning. On their way home, they stop for groceries, leaving their work bag in the car. Their car is broken into and the laptop is stolen, which holds all of their client records, login information, and files. 

Example 2: 

A service provider accidentally downloads a virus on their computer, which accesses all client information, files, intellectual property, and logins. 

Example 3: 

A service provider with access to an online CRM (customer relationship management) platform containing all of their client’s sensitive information, business, and client data is hacked after clicking a phishing link. They lose access to all data and information, their client’s information is stolen, and business is interrupted. 

What Type of Insurance Do I Need As An Online Service Provider To Protect Against Cyber Risk?

There are several options for insurance for online businesses to protect themselves against cyber risk. Many online service providers tend to want to shortcut insurance and do the least coverage possible to save money. However, it’s important to know that the average expenses paid for a small business due to a breach are around $36,000. Between legal costs, forensic costs, crisis management, notification, call handling, identity theft restoration, etc., it adds up quickly. 

You need to ask yourself if you would be prepared to pay that amount or more in the case that a breach did happen and you were found liable for the cyber breach by a court. I’m going to take a shot in the dark and guess you wouldn’t be prepared to fork over this amount of money. That’s why talking to someone and considering some form of liability insurance is a really smart idea to protect your business. Let’s take a look at a few options for you to consider. 

Cyber Liability Insurance

Cyber liability insurance protects small businesses, such as service providers, from the high costs due to a breach of data or malicious online attack. This form of insurance covers expenses such as legal fees, fines, credit monitoring, client notification, etc. As a service provider, it’s your job to keep your data and devices secure, so cyber liability insurance is definitely something to consider. 

There are two types of cyber liability insurance:

  • First-party cyber liability coverage covers expenses that arise when your online systems or network are breached or your digital data is stolen.
  • Third-party cyber liability coverage protects you if you are sued by a client for failing to prevent a breach that affects their business. 

This type of insurance may be for you if you are an online service provider that handles: 

  • Credit card information
  • Bank account information
  • Medical/health information
  • Social Security numbers
  • Driver’s license numbers
  • PII such as customer names, email addresses, physical addresses, and phone numbers

While we’ve mostly covered insurance and legal issues that can arise as a result of a cyber attack on your business, it’s a great idea to also consider getting more holistic coverage which can include the following types of coverage:

General Liability Insurance

One of the most common ways that an online service provider can protect themselves is with general liability insurance. This covers damage to property or bodily injury to someone else. This property may be your laptop or other essential equipment or tools that you need to run your business. This also covers copyright infringement. 

Professional Liability Insurance

Another option for insurance for online service providers is professional liability insurance. This covers claims against you for errors you might make in providing your services where your client may suffer loss or damages, if you’re sued for breach of contract, or some other lawsuit relating to the actual services you were to provide. 

Optional Insurance Coverage for Online Service Providers

While cyber liability, general liability, and professional liability are the most common insurances for online service providers, there are other types of insurance coverages available that may benefit you and your unique business. It’s best to learn your options and what is covered under each to determine what is most important to protect your business. Here are a few you could ask about:

Media Liability Insurance

This covers suits related to wrongful publications, misappropriation or misdirection of media or data, invasion or interference with the right to privacy or publicity, plagiarism, copyright infringement, and issues with trademark, domain names, titles, slogans, or service marks being infringed upon. 

Digital Asset Loss Insurance

This form of coverage protects against the costs that are necessary to restore the digital assets that have been altered, corrupted, destroyed, disrupted, deleted, or damaged. 

Cyber Extortion Insurance

You can get coverage to protect against the expenses incurred from a cyber extortion event, such as a hacker demanding monies or property in exchange for them not causing harm. 

Crisis Management Insurance

This covers services provided by a lawyer or public relations consultant solely for the purpose of responding to and averting a crisis. It also covers the mitigation of damage in order to restore the reputation or brand of the person covered.  

Social Engineering Insurance

This type of insurance for online business covers the loss of funds paid, transferred, or delivered by the person who is insured to another person, place, or account beyond their control that results directly from good faith reliance.

Funds Transfer Fraud Insurance

This coverage will help you recover from a loss of funds that are fraudulently transferred to a third party by someone who is unauthorized to access your network or computer system. 

With the rising rate of cybercrime, which is only expected to keep climbing to an estimated cost of up to $6 trillion annually, it is crucial to protect yourself as an online service provider with the appropriate insurance coverage(s) that apply to the risks of your business. 

If you have questions about which insurance you need, I highly suggest you talk to a lawyer about the potential risks and threats to your business to determine what’s right for you. 

Read more

Podcast: Should I Incorporate My Business? And other questions I get asked all the time!

Podcast: Should I Incorporate My Business? And other questions I get asked all the time!

Who Owns Copyright in my Brand Photos? Graphic with this title in Black lettering with a light blue background with orange and green graphics

Who Owns Copyright in my Brand Photos?

Blog Post cover that reads: How to Legally Collect and Use Testimonials. Font in Black, branding elements in peach, yellow, light blue and dark green

How to Legally Collect and Use Testimonials

Comments

Be the first to comment.