5 Ways HR Pros Thwart Cybercriminals During Open Enrollment

As an HR professional, you work daily with the types of data that cybercriminals love to steal. Fresh, complete identity records are worth a lot on the black market.

And now, it’s open enrollment time. You may be all that stands between your employees and years of recovering from identify theft. While everyone has a role to play in the cybersecurity of your organization, here are five easy things you can do to keep private information safe during open enrollment.

1. Use Strong Passwords

Employee data is as secure as the least secure HR user, so avoid weak computer passwords like those that made the NordPass Top 200 Most Common Passwords list. The top 10 include the following, most of which have made the list for multiple years:

1. 123456

2. 123456789

3. 12345678

4. password

5. qwerty123

6. qwerty1

7. 111111

8. 12345

9. secret

10. 123456789

To create a strong password, according to the U.S. Cybersecurity & Infrastructure Security Agency, take these steps:

• Create long passwords of 16 characters or more, and don't share them with anyone.
• Use a combination of upper and lowercase letters, symbols and numbers, or a passphrase (5-7 unrelated words).
• Use each password for only one account.

Organizations should also implement multifactor authentication, also referred to as two-factor authentication.

2. Shield Your Computer Screen

Who’s walking behind you? Who’s visiting the office? Be aware; don’t leave your screen open to prying eyes when you are working with personal information.

If you can’t work in a private area, invest in a computer privacy screen that blocks others from seeing your screen from most viewing angles. Anytime you leave your workspace, lock your computer screen.

3. Log Out

Blocking and locking your screen are great steps, but you can do even more to safeguard theft-worthy information. Log out of systems and applications to add one more barrier.

Some employers provide kiosks for their employees to use during open enrollment. Post reminders telling these users to log off before they walk away. It takes just one opportunity for a bad actor to wreak havoc.

4. Use Secure Networks

Do not work on open enrollment tasks or with employee information when you are traveling or in public spaces such as airports. Their “free” Wi-Fi networks aren’t free, because you potentially pay for them by exposing sensitive information.

As a possible alternative, use your phone as a Wi-Fi hot spot. This PCMag article gives you step-by-step instructions on how to do this.

5. Lock Up or Destroy Printed Documents

A cyber breach doesn’t have to begin online. It can begin by someone finding and reading printed documents lying around that contain confidential data.

If you print sensitive information relating to benefits enrollment or employees, make sure you lock it up or shred the documents at the end of the day. Leaving them in the open invites trouble.

Learn More

Following the five simple tips outlined here, HR pros can greatly reduce the opportunity for bad actors to turn open enrollment into open season on employee information. To learn more ways your organization can manage cyber risk and limit financial losses, click here.

The above information does not constitute advice. Always contact your employee benefits broker or trusted advisor for insurance-related questions.