AGENCY SERVICES

Call us today 877-562-3347

Automation and IT Services for Independent Agencies

Are you ready?

Big_I_MI_stacked_Logo.png

How to get started

If a licensee has 25 or more employees or they wish to adopt a Cybersecurity program, see the following points to help you get started.

  1. Comply to the initial data breach notification requirements by January 20, 2021.
     

  2. Verify your systems are protected and routine testing is performed.
     

  3. Start with identifying where your applications and data are stored.
     

  4. Document data at rest and data in motion.  Ensure your data at rest is protected with state-of-the-art technology such as encryption.  When accessing or sending this data, is the data "in motion" also protected.
     

  5. Know your backup and retention schedule for both on-site and off-site backups.
     

  6. In a case of disaster, know how long it takes to recover.  Known as your RTO or recovery time objective.
     

  7. Establish a written Incident Response Plan designed to respond to, and recover from any cybersecurity event that compromises the confidentiality or nonpublic information or PII.
     

  8. Send out an initial cybersecurity assessment questionnaire to all Third-party data providers and have a third-party management practice within your Cybersecurity Program.

key dates

January 20, 2021 - All licensees must comply with the data breach notification requirements.

January 20, 2022 - All licensees with 25 or more employees are required to implement the information security requirements.

January 20, 2023 - All licensees must comply with the third-party vendor management requirements.