There are a variety of reasons you choose to give your business to a company. But how often do you consider data security? These days we are so used to handing over our data in exchange for a service, that we often don’t think twice about how it is being stored. Of course, you read about all of the big data breaches in the news all too often. But, admittedly, when it comes to finding and understanding how the companies you patronize use your data, it can prove tricky. 

That’s why the Kelly Klee team wants to share some of the ways we are keeping your data safe. As a digital insurance broker providing modern, technology-enabled service, having robust data security protocols is essential to our business and earning your trust. Every day we handle your personal information, whether it’s your policy information or the photo you uploaded in the app of the new car you want to insure. 

So to give you a peek into our operations, we sat down with our CTO Jacob Hernandez and our IT Coordinator DeAnne Roseen to better understand what we do to keep your data safe and how we do it. 

Actively training our employees against social engineering

These days, a lot of companies don’t fully assess their data security. Sadly, companies often focus solely on complicated and invasive direct high-tech attacks, but avoid the more common and low-tech human-centered problems. Specifically they don’t adequately train their employees about threats like phishing scams — where hackers trick employees into giving them data or to open links that install malicious software. 

As a tech-forward company, our CTO Jacob Hernandez emphasized how Kelly Klee has been adamant from the start about taking the proper precautions to prevent such things from happening. “We’re extremely proactive in what we’re doing, because it’s not a matter of if you’re going to be attacked, it’s a matter of when. And you’re putting your customers at risk if you do nothing.”

Part of a good data security system is focusing on training employees on how to handle data properly. As IT Coordinator DeAnne Roseen explains, an element of that at Kelly Klee is dedicated quarterly training with staff that focuses on things like password complexity and social engineering attacks. 

“We actually send out false phishing attempts to see if our employees click,” Roseen told us. “If they do click the link, it then sends them through a training and points out all the things that they could have seen that would have prevented the click. Over time we’ve been ramping up the difficulty. And I actually believe our last report came back with zero clicks — which was great news.”

State of the art technology and protocols

To keep customer data safe, Kelly Klee deploys the latest threat detection software on employee computers, consistently makes backups and requires strict passwords that must meet the latest security standards for employees. “We even go so far as to ensure that employees update the browsers they use regularly so that it has the most up to date security controls,” Roseen explained. 

Kelly Klee is also prepared for other rising threats, like ransomware, which is when hackers take control of your data, encrypt it and refuse to give up access until you pay their demands. “If that happens, we have a system in place that recovers this data,” Hernandez explained. “If a hacker tries, we won’t give into those demands because we still have access to the data we need.” 

When it comes to data security protocols and practices, Kelly Klee’s ethos is deeply rooted in our mission as a company to use the latest technology to advance insurance and provide better customer experiences. In fact, our practices go above and beyond legacy insurance practices, deploying protocols that are the same as those used in the tech industry. “We use protocols that largely don’t exist in insurance and other industries,” Hernandez told us. “Think of things like encryption for personal data in transit and encryption at rest, which means if someone takes a hard drive, they still can’t access this data.” 

Finally, besides the computer threats, Kelly Klee is taking action against one of the most vulnerable data security weak points: the phone. “Hackers will pretend to be someone else on the phone to get access to personal data. But protocols like two-factor authentication, which requires two methods of identity verification, are incredibly helpful in keeping data safe,” Roseen explained.

Hernandez went on to say, “Everywhere we can set up two factor authentication, we set that up. This isn’t necessarily high-tech, but it’s becoming a new standard, and it’s a protocol which has proven to be really effective.”

Kelly Klee tips to protect yourself

While we work hard to protect your data every day, it is important that you have your own strong security measures in place to protect your data. Here, our CTO and IT Coordinator give you their top tips for keeping your data safe. 

1. Use strong and varied passwords
   Pass-phrases are the best. These are phrases you can remember but hackers won’t be able to crack. Never use things like your birthday, pet name or address for your password. Always try and include capital letters, numbers and symbols, too, for added complexity. Use a different pass-phrase for every website and app.
   
2. Protect yourself with cyber insurance
   “Everyone needs cyber insurance,” Hernandez pointed out. “We can protect customer data in such a strict way that someone may never get into the data we have on customers. But, that doesn’t mean that the same data on our customers doesn’t live with other companies. It’s super important for people to take good security measures into their own hands, but also have some method to make themselves whole again in case their data gets out anywhere.”
   
3. Activate two-factor authentication
   We use two-factor authentication at Kelly Klee and we advise all of our clients to set it up and use it whenever they can. Whether it is your bank account or email, you always want to protect the accounts that matter to you most, as well as the accounts that hold the most important data about your life.
   
4. Add a password to your phone
   Most phones have a numerical passcode, biodata recognition (like face scan or fingerprint) or pattern unlock. But, the strongest thing you can do to protect your device is to set up an actual alphanumeric password to protect your data.