Florida Insurance Network

Give it up, ladies and gentleman, for the marketing genius who coined the term “cloud” as a euphemism for remote server.

Cloud Computing Image (Photo credit: Wikipedia)

Who doesn’t want to be on a cloud? They’re so carefree, so fluffy and heavenly. No one on a cloud worries about bad motherboards, backups, hackers or hard drive failures. You just pull down data from the ether all day and never think twice.

I’ve met scores of small-business owners who fervently believe in this myth. Because they’re on the cloud, they assume data security is no issue or, at worst, someone else’s problem.

And plenty of cloud-service providers are content to perpetuate this fantasy in the name of sales. This will change when plaintiffs’ attorneys hit enough of them with damage claims of misrepresentation. But that’s a post for another day.

The essential question every customer should ask his or her cloud provider is simply this: Will you indemnify me for any or all costs associated with a breach of security involving data that I’ve entrusted to your care?

I’ve asked cloud providers this question. The answer boils down to one word: no. And I admit that it’s probably an unfair question. I only ask it to illustrate an ugly reality, which is that the cloud is a very hazy place in terms of your rights and the cloud providers responsibilities relative to data security and the fallout from privacy breach.

If you’re business collects personal data from its customers, such as addresses, drivers license numbers, account numbers and such, Florida law (and every other state but one) says you must notify each individual if you reasonably believe the security of their data has been compromised.

The law is designed to help consumers protect themselves from identity theft but it’s a nightmare for the business involved because it’s the business that bears ultimate responsibility for the breach, not the cloud provider. And that’s especially true in the eyes of the customer whose identity is now at risk.

Obviously, if it’s your business reputation on the line as a result of a privacy breach, you’re going to act as swiftly and effectively as possible to limit damage and clean up the mess. Your cloud provider, however, might have other priorities, bigger clients to worry about and even different laws to obey, depending on the location of its servers.

Does your cloud provider’s service agreement specify your rights and its responsibilities relative to hacker intrusions against servers that contain your customers’ data?

Does it specify in which jurisdiction your data will be housed and whose laws will apply? Does it mention data encryption schemes and hiring practices? Does it limit or identify which administrators have access to servers? Does it mandate timely investigation of breaches and allow access to its servers by independent IT investigators?

Does your cloud provider’s service agreement leave you, your business and your customers in a fog of doubt about what is supposed to happen when the security of your remote data is compromised?

If so, I suggest you revisit the agreement with a good lawyer and make a list of revisions that your current cloud provider will either accept or leave for its replacement to accept.  If you don’t know, I suggest you find the agreement, read it, rinse and repeat.

Related articles

• Cloud Security: Encryption Is Key (sys-con.com)

Image via Wikipedia

I wish I heard this question more often: Do I need business interruption insurance?

The answer is simple: No, unless you can’t afford to lose all your key employees, go indefinitely without income, pay all your ongoing expenses when your business isn’t making any money and go out of business as you wait for repair or reconstruction of your business premises. Otherwise, the answer is yes, you do need business interruption insurance.

Business interruption insurance (also known as business income insurance) is a form of property insurance. In this case, we’re referring to the property more affectionately known as your business revenues and expenses. As a concept this type of insurance is pretty straightforward. The main idea is to provide money for net income and ongoing expenses when your business can’t, usually because some form of covered loss makes it impossible.

For example, let’s say you operate a candle shop. One morning that temp you hired for the holidays moves a cinnamon-apple pillar candle beneath a silk bamboo plant that catches fire, which spreads to a nearby tapestry and quickly converts your entire business to a wax works before you can say, “Did someone burn an apple pie in here?”

Fortunately, your property insurance will pay to replace the tapestry, the silk bamboo plant, your inventory of candles as well as the cost of needed repairs and reconstruction. Your liability insurance will pay for incidental damage to nearby persons and property. But you’re still looking at an extended period of time during which you have no source of revenue to make your monthly loan installment, pay utility bills, equipment leases, your own salary and other expenses that don’t go away just because your business is down. That’s where business interruption insurance comes in.

Where all of this gets confusing, even for insurance representatives, is where you decide how much business interruption insurance you need. The answer really depends on your business financials. In fact, you might even want to consult a CPA before you decide. But the limit of coverage and the deductible are always expressed both in terms of time and money. For example, you could purchase a quarter of your annual qualified expenses to be paid over a period of 90 days with a deductible of three days.

Most insurance reps will carefully avoid suggesting or speculating about whether any given limit of coverage is “enough.” First, unless they’ve seen your books, they really don’t know. Second, plaintiffs lawyers make their bones on mistakes like that. What we can do is provide you with a worksheet that’s designed to help you separate qualified expenses from costs that don’t continue, such as non-essential services and payroll.

Here’s another question: Do I need business interruption insurance in Florida? The answer is the same. Yes, but if your property insurance does not cover losses caused by wind and hail (also known as hurricane coverage) your business interruption insurance won’t either. In other words, you get exactly nada if a Cat 3 forces you out of business for a while. Keep that in mind when your representative asks about “ex-wind” property insurance.

Keep this in mind, too. Business interruption insurance kicks in when your business premises goes down, as a result of a covered cause of loss, and takes your business with it. What happens if your business premises aren’t damaged but access is severely restricted or denied to a point where the material affect on your business is the same? For example, let’s say a flood cuts off all the roads to your shop. In that case, you will want to have made sure your policy included so-called civil authority coverage and ingress/egress coverage.

Be sure to ask your representative for details. And while you’re at it, ask about extra-expense insurance, too. This is especially true for service businesses, such as dentists and lawyers, which can operate from a different location as they wait for their original premises to come back on line. Extra-expense coverage pays the costs of relocating to a temporary location.

Give me a call (727-916-7429) if I can help. Meantime, keep those candles away from the silk plants, please.

Related articles

• Northeast power outages hit many businesses hard (hosted2.ap.org)

Image via Wikipedia

What do you think of this approach?

“Hi, that’s a pretty dress you’re wearing. Can I see your personal-umbrella liability insurance policy?”

No?

Yesterday, I drove over to Tampa to attend an all-day course on social-media. I learned a lot. At the end of the day I sidled up to the teacher to inform him that I’m in insurance.

Let’s face it, I said, insurance is boring. Chicks don’t dig package policies. No one wants to jump online and read about business liability insurance. I’m not getting likes posting about property insurance deductibles. No one is following my tweets about workers comp insurance premiums.

What can I do, I asked?

He just laughed. “Wow,” he said. “Insurance on social media. That might be a first.”

Despite that double shot of encouragement, I’m not giving up. I know I’m paddling upstream (more like Niagara Falls) but I’m committed to the idea that insurance – or at least the conversation about insurance – can be unboring.

Entertaining? Ok, no – probably not. Unboring? Yes, theoretically possible.

By the way, about that umbrella insurance policy. How would you feel about some personal-injury lawyer suing your ass for every penny you’ll ever see because your teenager was texting a friend when she blew a stop sign behind the wheel of your 1997 Dodge pickup and T-boned counsel’s client in a Smart Car?

Do you think the $300,000 liability limit on your auto policy is going to cover that? Really? I’d say probably not. No, they’ll be reaching into your pockets for the rest. And you’ll be eating a whole lot of mac & cheese from here on out.

That is, unless, you have an umbrella liability insurance policy that kicks in when the other policies tap out.  Umbrella policies cover the worst-case scenario. And they’re cheap. For between $150 and $300 you can get $1 million to help pay that lawyer and his client.

Do you drive a lot? Does your kid drive your car a lot? Do you have a swimming pool? Do you like to have friends over on the weekend? Do you own a boat? Do you take friends out on the boat? Do you own a dog? All this stuff and more equals increased risk exposure. The more of that you’ve got, the more you need an umbrella policy.

Cheers.