Attacks on Cloud Services Grow Amid Telecommuting Boom

cloud

As more of America’s workers were asked to work from home due to the COVID-19 pandemic, cyber criminals jumped at the opportunity to take advantage, it seems.

Remote work means work being handled on the cloud as employees share files and need a convenient way to access them.

But cyber criminals are banking on workers letting down their guards when they work from home, so it’s no surprise that while cloud service usage among enterprises jumped 50% between January and April, external attacks on cloud accounts boomed 630% in the same period.

Also, hackers and other cyber scammers orchestrated systematic attacks on collaboration tools like Cisco WebEx, Zoom, Microsoft Teams and Slack, according to the “Cloud Adoption & Risk Report ― Work from Home Edition” report by McAfee.

The risk to enterprises cannot be overstated as criminals try to take advantage of the sudden shift to telecommuting by thousands and thousands of organizations as they try to cope with the COVID-19 pandemic and continue operating during stay-at-home orders.

Employees are your organization’s first line of defense. You can protect your company by encouraging personnel to be skeptical of e-mail from unfamiliar sources.

Training your staff

Before the COVID-19 crisis, PricewaterhouseCoopers simulated a phishing attack on mid- to large-size financial institutions, finding that:

  • 70% of phishing e-mails were delivered to their targets, and
  • 7% of recipients clicked on the malicious link.

The danger with phishing and ransomware attacks is that it only takes on click, one missing endpoint agent, one failed alert, one unsuspecting employee, and the criminals can take control of your network and your cloud files.

Many of these attacks come in the form of what’s now called “social engineering attacks.” PwC recommends coaching all of your employees to take the following precautions, particularly on their mobile devices:

  • Be skeptical of e-mails from unknown senders, or from familiar people (like your company’s CEO or your doctor) who do not usually communicate directly with you.
  • Don’t click on links or open attachments from those senders.
  • Don’t forward suspicious e-mails to co-workers.
  • Examine the sender’s e-mail address to ensure it’s from a true account. Hover over the link to expose the associated web addresses in the “to” and “from” fields; look for slight character changes that make e-mail addresses appear visually accurate — a .com domain where it should be .gov, for example.
  • Grammatical errors in the text of the e-mail are usually a sure sign of fraud.
  • Report suspicious e-mails to the IT or security department.
  • Install the corporate-approved anti-phishing filter on browsers and e-mails.
  • Use the corporate-approved anti-virus software to scan attachments.
  • Never donate to charities via links included in an e-mail; instead, go directly to the charity website to donate.

Cyber insurance

Cyber insurance is designed to protect your company by insuring you for network security issues, privacy, interruption to your business, media liability, and errors and omissions.

For phishing, ransomware and other cyber attacks, the network security and business interruption portion of the policy would mainly come into play.

Network security coverage — This includes first party costs. That is, expenses that you incur directly as a result of a cyber incident, including:

  • Legal expenses
  • IT forensics
  • Negotiation and payment of a ransomware demand
  • Data restoration
  • Breach notification to consumers
  • Setting up a call center
  • Public relations expertise
  • Credit and identity monitoring

Business interruption — When your network, or the network of a provider that you rely on to operate, goes down due to an incident, you can recover lost profits, fixed expenses and extra costs incurred during the time your business was impacted. This includes loss arising from:

  • Security failures, like a third party hack.
  • System failure, such as a failed software patch or human error.

Insurance Costs Related to COVID-19 Could Top $100 billion

insurance cost

COVID-19-related losses for property-casualty insurers are likely to top $100 billion, with workers’ compensation accounting for about a third of all payouts, according to a new report by Wells Fargo & Co.

The report estimates that workers’ compensation could see total COVID-19 claims payouts of up to $34 billion, but that factors like the severity of workers’ comp cases and the number of deaths will determine the final payouts. This may spur rate hikes in workers’ compensation after years of soft pricing in most of the country.

The majority of workers’ compensation claims are likely to be in the health care sector, and the rest among “essential workers” who have had to remain on the job

One report by the Division of Workers’ Compensation at the Florida Department of Financial Services found that health care workers and those working in protective services accounted for 83.3% of COVID-19 indemnity workers’ comp claims filed in Florida as of May 31.

The Wells Fargo report forecasts that the claims are likely to put pressure on rates for number of lines of insurance. Besides workers’ compensation, it predicts that these other lines will see significant claims payouts:

Business interruption — The second-highest claims payouts, the report states, will be for business interruption losses related to the COVID-19 outbreak. Wells Fargo estimates that total claims payouts will be between $4 billion and $24 billion.

However, most business interruption coverage, which is typically tied to commercial property policies, does not cover losses from pandemics. That said, some stand-alone policies have had more liberal coverage wording that will require the insurers to pay the claims.

Event cancellation — The report estimates that event cancellation losses will account for nearly 30% of industry losses. This insurance protects event revenues and related expenses against the risks of cancellation, postponement, curtailment, relocation or abandonment of an event for unforeseen circumstances beyond the control of the event organizer.

Beyond the lost revenue, the costs of canceling a large event can run into the tens of millions of dollars, sometimes more. While the specific terms of event cancellation policies vary, many offer broad “all-risk” or “all-cause” coverage that is triggered by any unexpected cause that is not expressly excluded under the policy.

Other policies, however, are written such that only specific causes or risks (like terrorism or natural catastrophe) trigger coverage.

While some event cancellation policies include exclusions for infectious or communicable diseases (which would include COVID-19), many do not.

Other lines of insurance that could sustain losses due to the pandemic include:

  • Travel insurance — Issues that could come into play include emergency evacuation, repatriation and out-of-country medical benefits that cover costs for the treatment and transportation of sick or injured employees. Policies typically offer optional coverage for unexpected medical expenses.
  • Directors and officers liability — These claims could concern legal action for not taking timely measures regarding COVID-19 to protect the organization, as well as legal action for financial damage or even insolvency. 

The topside

The report also notes that there are some lines of insurance that could benefit from lower claims due to the COVID-19 pandemic. Chief among these is commercial auto, due to the substantial decrease in vehicle accidents as there have been fewer cars on the roads at a time of shelter-at-home orders.

What Business Insurance Policies Cover Rioting, Looting

looting

As protests around the country descended into rioting and civil unrest, many businesses that have been looted, or seen their shops damaged or completely destroyed, will obviously be turning to their insurance to file a claim.

While many companies were unsuccessful in filing business interruption claims for the COVID-19 crisis, claims for damage and theft from rioting and looting are more likely to be paid. A number of coverages will come into play depending on the damage and lost income a business suffers at the hands of rioters, vandals and looters.

Property damage

Standard commercial property policies cover damage to a business property caused by fire, explosion, riot or civil commotion, vandalism or malicious mischief. This would include coverage to the structure of the business, as well as any inventory, fixtures and other contents. Business owner’s policies also include this risk.

The business personal property coverage portion of the policy would cover damage and theft if rioters break into a real estate office, for example, and steal computers, burn furniture and destroy office equipment. That said, the damage would be subject to limits (specific or blanket), as well as any deductibles required by the policy.

Commercial vehicle damage

Automobiles are covered under the optional comprehensive portion of a commercial auto policy, which you should have for all your vehicles. This will pay for damage to the vehicle and its contents caused by fire, falling objects, vandalism or rioting.

Comprehensive coverage will cover the gamut and will pay you if a vehicle is:

  • Stolen,
  • Damaged, or
  • Destroyed (for example, burned).

One of the most common damages to vehicles during riots is broken windshields, which you can usually get covered with an optional glass coverage rider.

Business interruption coverage

Companies that are forced to close as a result of riot and looting damage may have coverage for business interruption under a business property policy.

The policy may also cover lost income because a business had to close after riots. It would often cover dependent properties or have contingent business extensions of coverage. Also, coverage can apply if a business suffers a loss of income because of curfews or if authorities bar access to a property.

Coverage is typically triggered if there is direct physical damage to the premises.

You should note that many policies require a 72-hour waiting period before a policyholder can begin making a claim. That’s because the first three days of business shutdown, access constraints or limited hours of operation because of a civil authority action are often excluded from coverage.

There may also be a limit to the claim period. A standard limit is up to three weeks of losses.

Filing a claim

When filing a claim, read your policy in its entirety to determine how to best present it. It’s important to understand the policy’s limits and deductibles before spending time documenting losses that may not be covered.

If you are going to file a claim, document all damage. You should have receipts for all your inventory and fixtures. Here’s what you should do:

  • Take photos of all damage.
  • Contact your agent and file a claim immediately.
  • Clean up to protect your building, but do not make major repairs until you talk to the insurance company.
  • Keep receipts for any remediation work.

If you’re going to file a business interruption insurance claim, you will need:

  • Pre-riot financial statements and income tax returns.
  • Post-riot business records.
  • Copies of current utility bills, employee wage and benefit statements, and other records showing continuing operating expenses.
  • Receipts for building materials, a portable generator and other supplies needed for immediate repairs.
  • Paid invoices from contractors, security personnel, media outlets and other service providers.
  • Receipts for rental payments, if you move your business to a temporary location.

A final thought: Filing a business interruption claim is not easy, particularly when estimating losses. The process is highly complex and can be contentious. If the insurer disagrees with your loss estimates, they may have specialists audit your claim.

 

Adjustable Workstations Key to Reducing Injuries

construction workers

Musculoskeletal disorders from manual labor in factories, construction, printing and warehouse work are one of the most common types of workplace injuries and account for one-third of all workers’ compensation costs.

These injuries take a profound economic toll on both workers who suffer these injuries and on employers who pay more for their workers’ comp premiums. There are also indirect costs, such as training replacement personnel, retraining workers, lost productivity and reduced morale.

To reduce the chances of MSDs among your workers, make sure their workstations are ergonomically designed and optimized for safety and efficiency of use.

One of the best ways to reduce these types of injuries is to ensure that workers of different sizes and physical limitations can work in the same area without straining themselves and developing an MSD.

The height of the work area is a significant factor in these types of injuries. Usually the height is stationary, but one size does not fit all. Someone who is too short or too tall for a standing work area will have to strain to work in a position that is not optimal.

The adjustable workstation

While for some workstations a standard size cannot be avoided, in many cases it’s best to have workstations with adjustable heights. Height adjustability is useful not only for very tall or very short people, though.

For specific tasks, the ability to adjust the bench top to the application may help workers of all sizes execute tasks more ergonomically.

An adjustable workspace can accommodate the majority of workers in ways that reduce stresses and strains, whether they differ by height, reach capabilities, strength or flexibility. If you have an adjustable workspace, a tall and short worker can use the same work area by simply adjusting the height when they start their shift.

Avoiding neck strains

Besides a workspace that moves up and down, you should also make sure that the worker doesn’t have to strain to read documents or screens or type on a keyboard, such as when they are sitting on the surface of the workstation.

While this may seem like a small thing, a worker who has to look down at an extreme angle at papers or a screen on a table every day for years can develop neck disorders and injuries. They may not be as severe as a sprain or a strain, but they can still impair the individual’s ability to work ― and over time could require surgery and rehab.

Sometimes the solution is simple, such as using a height-adjustable arm to hold documents or a screen. You can also have an articulating keyboard tray that moves up and down so the worker can adjust it at an optimal height and not have to strain to type.

These solutions are inexpensive and will reduce the chances of employees straining to read documents or screens or type. Using these simple tools will also make your workers more efficient. Like height adjustability, these arms will work for people of various heights and sizes.

The takeaway

The key to ergonomics is to make the environment fit the worker, not vice versa. This can be accomplished in many ways, ranging from facility design to equipment specification to process design.

By homing in on the workstation, you can greatly reduce the chances of your workers developing an MSD.

Testing Workers for COVID-19 Raises Privacy, Discrimination Issues

COVID-19 testing

Employers whose businesses continue to operate are obviously concerned about the coronavirus spreading through their worksites, so many have started testing their workers.

Recent U.S. Equal Employment Opportunity Commission guidance authorized employers to conduct COVID-19 testing and check temperatures of employees. But doing so could expose a business to a number of employee legal actions from invasion of privacy to discrimination and wage and hour charges, say employment law attorneys.

While the EEOC guidance refers to existing Americans with Disabilities Act regulations requiring that any mandatory medical test of employees be “job related and consistent with business necessity,” it left many questions unanswered.

So, if you decide to start testing workers, you will have to navigate a number of issues, such as:

  • Which tests are appropriate?
  • What are the standards for protecting workers’ privacy?
  • Should employees be paid for the time they wait in line to be tested?
  • Should you get written consent?
  • How will you ensure that the policy is applied consistently?

Employment law experts say there is often a surge in employee lawsuits when new rules or guidance are being issued, and more so with such a sensitive issue as one’s health during a pandemic.

The kinds of claims that employers may see as a result of employee testing include:

  • Invasion of privacy
  • Failure to protect employees’ personal health information
  • Discrimination
  • Retaliation
  • Wage and hour actions if waiting for testing takes time.

What you can do

Typically, employers would not be allowed to test a worker’s temperature for a specific disease, but these are unusual times and the threat of infection is too great.

Most lawyers are interpreting the EEOC guidance as meaning that employers may take steps to determine whether employees entering the workplace have COVID-19 because an individual with the coronavirus will pose a direct threat to the health of others. Therefore, an employer may choose to administer COVID-19 testing to employees before they enter the workplace to determine if they have the virus.

To cover your bases, you should plan your testing in detail, including:

  • How you will be conducting tests (providing at-home test swab kits, testing upon arrival, or offsite).
  • Designate a person who is authorized to conduct tests.
  • Document how you will be administering tests.
  • Plan for how you will account for false positives or false negatives.
  • Decide how often should you be testing.
  • Budget for the testing.
  • What will you do if a worker tests positive or has a fever (if you are just checking temperatures)?
  • Don’t have exceptions to the policy or, if you do, keep them to a minimum. The more exceptions to a policy, the more likely you are to be sued.
  • The policy should comply with guidance from the Centers for Disease Control and Prevention, such as using non-contact thermometers and ensuring social distancing during the process.

Insurance

The risk of being sued when administering testing is real and you should do everything you can to make sure it’s carried out fairly and consistently. But even if you do everything by the book, you can still be sued.

During bad economic times when people are losing their jobs, employee lawsuits tend to rise and, even if you are eventually found to have acted within the confines of the law, you still have to pay the legal fees.

One type of policy that could step in to protect you is employment practices liability insurance. EPLI will cover awards and legal costs in employee-initiated lawsuits. Each policy is different though, so it’s best to consult with us first.

If you are testing or are considering testing your staff, you may want to consider it.

Protecting Your Workers During the Pandemic

covid-19 workers

If you are one of the companies that has been deemed an essential employer and are remaining open during stay-at-home orders, you should be doing all you can to protect your workers against contracting COVID-19.

While some workers are really on the front lines of fighting the disease, like health care workers and emergency services personnel, there are many other people working in factories, grocery stores, warehouse and transportation, among other industries, that are also at risk to varying degrees.

The response to this has been varied. Some employers have taken steps to protect their workers. For example, some grocery stores have supplied cashiers with masks, face shields or plexiglass barriers between them and customers.

But not all employers are taking those steps and that’s ignited worker protests through a swath of industries:

  • After a mechanic tested positive for COVID-19, half the employees at his workplace stayed home to press the employer to clean the entire worksite before they would return.
  • Workers staged a walkout at a truck manufacturing facility because the company was not supplying them with hot water for washing their hands.
  • Bus drivers went on strike, saying the city they work for wasn’t doing enough to protect them.
  • 200 employees walked out of one warehouse after a worker tested positive for COVID-19.

Employers need to be careful, as failing to provide adequate protections against coronavirus to their workers could result in lawsuits and subsequent penalties if OSHA decides to strictly enforce its General Duty Clause.

What you can do

Facilities will vary in their own risks, but the following are some general areas that all employers should consider to reduce the risk or spread of infection in their workplaces, regardless of whether they are a large high-traffic facility like a food warehouse or a small hardware or specialty grocery store:

Providing personal protective equipment — This can range from gloves and masks to face shields.

Protective barriers or partitions — These could be partitions made of plexiglass so workers can communicate and make eye contact.

Air circulation — If you have fans or air conditioning units blowing, take steps to minimize air from fans blowing from one worker directly at another.

Spacing — Require employees to work at least 6 feet apart.

Hygiene — Place handwashing stations with hot water and soap or hand sanitizers with at least 60% alcohol in multiple locations, in order to encourage good hand hygiene. Also urge workers to avoid touching their faces.

Customer handling — Use rope-and-stanchion systems to keep customers from queueing or congregating near work areas. Mark spots on the floor spaced 6 feet apart to ensure social distancing.

Consider restricting the number of customers allowed inside the facility at any point in time. Also, consider options for increasing in-store pickup or delivery to minimize the number of customers shopping in store facilities.

Cleaning — Disinfect frequently touched surfaces in workspaces as well as doorknobs, buttons and controls. If you have customers entering your facilities, disinfect all public-facing areas, such as points of sale and service counters.

Employee issues — Add additional clock in/out stations. If possible, these should be spaced apart to reduce crowding in these areas.

Staggering schedules — Stagger workers’ arrival and departure times to avoid congregations of employees in parking areas, locker rooms and near time clocks. Stagger lunches as well, to avoid overcrowding in general areas where employees may often eat. If you have an area frequently used for lunches, make sure you enforce 6-feet spacing in that location too.

Keeping virus at bay — Actively encourage sick employees to stay home. Check temperatures of workers upon arrival — and consider checking customers’ temperatures too. If anybody is running a fever, they should not be allowed into the facility and should be asked to go home and call their doctor.

Want to know more?

OSHA has a fantastic COVID-19 resource page that outlines safety procedures that employers in a number of industries can implement to reduce the chance of transmission between workers, as well as between workers and customers. You can find it here.

How to Protect Your Business Teleconference Meetings

teleconference

Since face-to-face meetings are out of the question when most non-essential workers are under stay-at-home orders, many companies have opted for the teleconferencing app Zoom.

With the recent revelation that Zoom’s teleconferencing system is not always the most secure, it is still one of the least expensive and user-friendly options for holding meetings during the coronavirus outbreak.

Zoom has seen its user numbers exploded during the pandemic, but that has left it exposed to a number of different types of attacks and other problems like videos being exposed on the web. There are many alternatives to Zoom, but if you want to continue using the service, you should understand the security implications and what you can do to protect yourself, other participants and your company.

The risks

Because of complaints, Zoom in mid-April said it was working to fix a number of bugs and security holes in its system.

While some issues have plagued the system for a few years, others were recently discovered as usage surged in the first three months of 2020. Here’s a list:

Stolen passwords — One of the more recent vulnerabilities that was discovered was one that allowed hackers to steal Windows passwords.

Eavesdropping — Two other newly discovered holes could let hackers remotely install malware on affected Macs and eavesdrop on meetings.

Phishing attacks — Hackers are creating fake Zoom links and websites to lure people to log in. In so doing they can steal financial details, spread malware and steal Zoom ID numbers and passwords, which allows them to infiltrate meetings.

‘Zoombombing’ — This occurs when uninvited guests gain entry to private meetings. This typically happens for large events after log-in details were announced on social media, but it is happening in smaller meetings as well. Typically, these infiltrators will disrupt the meeting with profanities and insults or by streaming porn for the other participants to see.

Hackers are using the same techniques to eavesdrop on or disrupt business meetings.

Meeting recordings exposed — This can only happen if the meeting organizer records the meeting. A Washington Post investigation found thousands of private Zoom videos that had been posted on the web. The exposed video calls included private business discussions, casual conversations with friends, therapy sessions, and nudity. Many of these videos seem to have been made public by mistake.

Meetings are typically not recorded. The default setting on Zoom does not record meetings. But meeting hosts can save the videos on Zoom’s servers or their own computers without participants’ consent.

Tips to keep your Zoom meetings private

  • Don’t post your Zoom meeting IDs publicly. Send them privately by e-mails or using a messaging app.
  • Create a new ID for every meeting. Don’t recycle old ones from prior meetings.
  • Adjust the Zoom settings to require participants to enter a password to access the meeting.
  • Enable Zoom’s “Waiting Room” feature. This lets you keep participants in a digital queue until you approve them to join the session. Beginning April 4, Zoom enabled the feature by default, requiring additional password settings for free users. Zoom has a guide to the feature on its website.
  • If you are worried about abuse, you can turn off a number of features, such as private chats, annotation and file transfers.
  • Keep the Zoom desktop app up to date, so that any patches Zoom makes to security vulnerabilities are added to your device.
  • If you are concerned about hackers accessing your data and you don’t need to screen share, you may want to use Zoom only on mobile devices such as a smartphone or tablet. These seem to be less susceptible to hacking.
  • Build awareness of Zoom phishing scams into user training programs. Users should only download the Zoom client from a trusted site and check for anything suspicious in the meeting URL when joining a meeting.
  • Ensure all home workers have anti-malware protection, including phishing detection installed from a reputable vendor.

 

Insurers Ordered to Refund Premiums Due to Outbreak

refund

California’s insurance commissioner has ordered insurers doing business in the state to refund some premium payments to policyholders for a number of commercial lines, as well as personal auto insurance policies, due to the reduced risk of claims in light of the COVID-19 outbreak and shelter-at-home orders.

Commissioner Ricardo Lara issued the notice, which requires insurers to “make an initial premium refund for the months of March and April” to affected California policyholders as quickly as practicable, and no later than within 120 days.

Lara’s notice covers premiums paid for at least the months of March and April ― including the month of May if “shelter-in-place” restrictions continue ― in the following lines of insurance:

  • Commercial automobile,
  • Workers’ compensation,
  • Commercial multi-peril,
  • Commercial liability,
  • Medical malpractice,
  • Private passenger automobile, and
  • Any other insurance line where the risk of loss has fallen substantially as a result of the COVID-19 pandemic.

The order was made to reflect the reduced risks across the board. For example, with fewer people driving, the risk of accidents has fallen dramatically and, with fewer people working, the risk of workplace injuries has also plummeted.

The order gives insurance carriers flexibility in how to handle the refunds, including providing a premium credit, reduction, return of premium or other appropriate premium adjustments within 60 days of the notice, which was issued April 13.

In making the announcement, Lara cited a study by UC Davis which found that reduced driving has resulted in fewer accidents, injuries, and fatalities on the roads. Declining payroll and receipts due to closure orders have also dramatically reduced the risk of a liability loss for businesses.

The order comes on the heels of a handful of insurance companies that have voluntarily offered premium refunds or discounts to policyholders because the risk of claims has fallen due to the pandemic and shelter-at-home orders.

For example, Chubb announced that small policyholders whose policies will renew between April 1 and Aug. 1, will see a 25% reduction in the sales and payroll exposures used to calculate their premium, as well as a 15% reduction in premiums for commercial auto policies.

Additionally, several auto insurance companies have recently announced voluntary premium refunds to drivers.

Meanwhile, State Compensation Insurance Fund (State Fund) announced in late March that it had placed a moratorium on policy cancellations and late payment penalties. It will also extend credit to any business negatively impacted by COVID-19 events and offer businesses the ability to adjust their payroll reporting.

The takeaway

Lara said this was just the first announcement on the issue. The Department of Insurance may issue further notices if the stay-at-home order continues beyond May.

CARES Act Helps Coronavirus-affected Employers, Employees Alike

The $2 trillion Coronavirus Aid, Relief, and Economic Security (CARES) Act stimulus law to help American workers and businesses weather the outbreak has a number of provisions that employers and their workers need to know about and can take advantage of during this crisis.

The CARES Act includes provision for:

  • Extended unemployment benefits.
  • Requiring health plans to cover COVID-19-related costs.
  • Small Business Administration (SBA) disaster loans.
  • Loans for large corporations.

Parts of the CARES Act will likely benefit your organization and employees in some way. Here’s what you need to know:

Extended unemployment

The CARES Act extends unemployment insurance benefits to workers, as long as they lost their jobs due to the outbreak.

Unemployment benefits under the CARES Act also apply to furloughed employees.

Workers in California will be able to collect both state unemployment and federal unemployment through the new law.

Under existing state law, workers who have lost their jobs can already receive regular unemployment benefits of between $40 and $450 per week, depending on their highest-earning quarter in a 12-month period beginning and ending before they apply for benefits with the state Employment Development Department. These benefits can last for up to 26 weeks.

The Pandemic Emergency Compensation program funded by the CARES Act will provide an additional $600 per week on top of state unemployment benefits, through July 31.

The law extends state-level unemployment by an additional 13 weeks. For example, whereas most of California’s unemployment benefits last 26 weeks, the bill extends state benefits to 39 weeks. The extended benefits will last through Dec. 31.

Health plan changes

Under the CARES Act, employer-sponsored group health plans must provide for covered workers — without cost-sharing or out-of-pocket expenses — the cost of COVID-19 testing, treatment and vaccinations when and if they become available.

SBA loans

The CARES Act provides $10 billion for grants of up to $10,000 to provide emergency funds for small businesses to cover immediate operating costs. It also offers loans of up to $10 million to companies that employ fewer than 500 people to cover payroll and expenses between February 15 and June 30. Some of the main provisions are:

  • Small businesses may take out loans up to $10 million—limited to a formula tied to payroll costs—and can cover employees making up to $100,000 per year.
  • The loans can be forgiven as long as a business meets certain conditions, such as using most of the funds to pay salaries for the eight weeks following the loan closing.
  • Entities eligible for loans include small businesses, nonprofit organizations, sole proprietors, independent contractors, and other self-employed individuals.
  • Borrowers who have received an SBA Economic Injury Disaster Loan for the same purpose do not qualify for the Paycheck Protection program (PPP).

Mid-sized employers

Under the CARES Act, the Secretary of the Treasury is authorized to implement financial assistance programs which specifically target mid-size employers with between 500 and 10,000 employees.

Loans would not have an annualized interest rate higher than 2% and principal and interest will not be due and payable for at least six months after the loan is made. But unlike loans under the PPP, these are not forgivable.

Large employers

The CARES Act provides $500 billion to the Treasury Department’s Exchange Stabilization Fund for loans and other funding for large companies and corporations affected by the outbreak.

  • $454 billion is set aside for loans, loan guarantees.
  • Companies that receive funds are prohibited from using them for stock buybacks.
  • Loans include terms limiting employee compensation and severance pay.

Like loans for mid-sized employers, they are not forgivable.

Why You Need ‘Key Man’ Insurance

board meeting

If you are operating a small business, you are likely relying on a small crew to get the job done.

Many employees in small firms have to wear several hats and, if one of them or an owner should die, the business could suffer greatly from that sudden loss of talent or one of the owners who is integral to the operations.

If you don’t have “key man” insurance, that setback could be devastating to the viability of your operations, whereas coverage would provide you with extra funding that you would need while recovering from the loss.

Key man insurance is simply life insurance on the key person in a business. In a small business, this is usually the owner, the founders or perhaps a key employee or two. These are the people who are crucial to a business ― the ones whose absence would sink the company. You need key man insurance on those people.

Key man insurance basics

Before purchasing coverage, give some thought to the effects on your company of possibly losing certain partners or employees.

In opting for this type of coverage, your company would take out life insurance on the key individuals, pay the premiums and designate itself as the beneficiary of the policy. If that person unexpectedly dies, the company receives the claim payout.

This payout would essentially allow your business to stay afloat as you recover from the sudden loss of that employee or partner, without whom it would be difficult to keep the business operating in the short term.

Your company can use the insurance proceeds for expenses until it can find a replacement person, or, if necessary, pay off debts, distribute money to investors, pay severance to employees and close the business down in an orderly manner.

In other words, in the aftermath of this tragedy, the insurance would give you more options than immediate bankruptcy.

Determining whom to cover

Ask yourself: Who is irreplaceable in the short term?

In many small businesses, it is the founder who holds the company together ― he or she may keep the books, manage the employees, handle the key customers, and so on. If that person is gone, the business pretty much stops.

Determining the amount of coverage

  • The amount of coverage depends on your business and revenue.
  • Think of how much money your business would need to survive until it could replace the key person, come up to speed and get the business back on its feet.
  • Buy a policy that fits into your budget and will address your short-term cash needs in case of tragedy.
  • Ask us to get some quotes from different insurers.
  • Check rates for different levels of coverage ($100,000, $500,000, etc.)