5 Ways HR Pros Thwart Cybercriminals During Open Enrollment

As an HR professional, you work daily with the types of data that cybercriminals love to steal. Fresh, complete identity records are worth a lot on the black market.

And now, it’s open enrollment time. You may be all that stands between your employees and years of recovering from identify theft. While everyone has a role to play in the cybersecurity of your organization, here are five easy things you can do to keep private information safe during open enrollment.

1. Use Strong Passwords

Employee data is as secure as the least secure HR user, so avoid weak computer passwords like those that made NordPass’s 2020 list of worst passwords. The top 10 include the following, most of which have made the list for multiple years:

1. 123456
2. 123456789
3. picture1
4. password
5. 12345678
6. 111111
7. 123123
8. 12345
9. 1234567890
10. senha

To create a strong password, use letters (upper and lower case), numbers and special characters. Longer passwords are stronger than short ones (consider using passphrases). Avoid using personal information as passwords, and don’t share your passwords with others.

2. Shield Your Computer Screen

Who’s walking behind you? Who’s visiting the office? Be aware; don’t leave your screen open to prying eyes when you are working with personal information.

If you can’t work in a private area, invest in a computer privacy screen that blocks others from seeing your screen from most viewing angles. Anytime you leave your workspace, lock your computer screen.

3. Log Out

Blocking and locking your screen are great steps, but you can do even more to safeguard theft-worthy information. Log out of systems and applications to add one more barrier.

Some employers provide kiosks for their employees to use during open enrollment. Post reminders telling these users to log off before they walk away. It takes just one opportunity for a bad actor to wreak havoc.

4. Use Secure Networks

Do not work on open enrollment tasks or with employee information when you are traveling or in public spaces such as airports. Their “free” Wi-Fi networks aren’t free, because you potentially pay for them by exposing sensitive information.

As a possible alternative, use your phone as a Wi-Fi hot spot. This PCMag article gives you step-by-step instructions on how to do this.

5. Lock Up or Destroy Printed Documents

A cyber breach doesn’t have to begin online. It can begin by someone finding and reading printed documents lying around that contain confidential data.

If you print sensitive information relating to benefits enrollment or employees, make sure you lock it up or shred the documents at the end of the day. Leaving them in the open invites trouble.

Learn More

Following the five simple tips outlined here, HR pros can greatly reduce the opportunity for bad actors to turn open enrollment into open season on employee information. To learn even more about cyber risks, watch our recorded webinar, “How to Protect Your Business & HR Systems from a Data Breach.”

The above information does not constitute advice. Always contact your employee benefits broker or trusted advisor for insurance-related questions.