3 Critical Cyber Security Measures

by | Jan 8, 2019 | Risk Management | 0 comments

3 Critical Cyber Security Measures

“Cyber Security? Only mega corporations like Target and Home Depot have to worry about that. I’m just a small tree service. I don’t have anything that hackers would want.”

Be honest, have you ever found yourself saying that? Chances are you have and, naturally, this article will tell you why you need to pay attention to what is going on in the cyber security world. Last year, I attended a Cyber Risk Seminar and learned that 69% of data breaches occur from a negligent insider (or former insider). That means someone inside your company either clicked a bad link, emailed a virus or unknowingly allowed a hacker into your computer system.

Before discussing the ways to minimize your cyber liability, I want to highlight a few areas of exposure that every tree service has. As with any exposure to loss, there are internal and external risks that a business faces.

External Cyber Risks

1. Transmitting a Virus to a Customer/Vendor – Tree care companies rely on email to communicate with their customers and vendors. Email is the most efficient method of communication and also presents the easiest way for your company to be liable for a cyber breach. If one of your employees sends an email that contains a virus to a customer or, worse, your entire customer database, you could be facing a huge unexpected expense. It costs anywhere between $100 – $350 to remove a virus from an infected computer and that cost does not include if any personal data was compromised or any business shutdown occurred because of it.
2. Customer’s Personal Data – Every tree service has some personal information from their customers. Names, addresses, phone numbers, email addresses and credit card numbers are all considered Personally Identifiable Information (PII) and is therefore information that must be protected from a data breach. If a hacker gets into your computer system and gains access to this basic customer information, you will be responsible for notifying the customer of the breach and providing credit monitoring for one year.
In 2016 the average cost for a data breach was $158 per record – How much would a breach cost your business at that price point?

Internal Cyber Risks

1. Employee’s Personal Data – When hiring someone onto your team, there is a lot of personal information that you gather – Social Security numbers, birthdays and driver’s license numbers, to name a few. Do you have a direct deposit payroll system set up? If so, your employee’s bank information is in your system. As the business owner, you clearly have a responsibility to protect your employee’s data. What would happen to your employee loyalty if you failed at keeping their information safe?
2. Business’ Computer System – Interruptions seem to happen fairly often when using technology for your business. Sometimes the internet goes out due to a cut wire down the street. Your phone system may suffer a break in service due to something on the provider’s end. Those are out of your control, however, what you can do something about is your internal business system. Is your computer network backed up in the cloud or off-site? What would happen if your system got hacked and held for ransom from a cyber-attack?

Now that you know the common cyber exposures that all tree services face, here are three areas to focus on to reduce the chance of a cyber liability event. Implementing these changes can reduce your chances of a breach by almost 70%!

1. Inbox Security – Studies have shown that 93% of all computer hacks begins with email phishing. Email phishing is a tactic that hackers use to get the email user to click an infected link embedded in an email to gain access to their system. These can be specific to an individual and look VERY similar to an email that you would get. I’m sure you have received these before but may not have even realized it – an email from UPS about a package delivery or that your Amazon order needs more information. They look very real and ask you to take action by clicking the link included in the email to resolve the issue. Once you click the link, your system is compromised. Working with a proactive IT company will help you get the proper email controls in place to limit the phishing attempts on your employees.
2. Browser Security – The next part of cyber security is enabling the proper security features on your internet browsers. This can again be controlled by your IT firm and will help you restrict access to potentially damaging websites. We’ve all heard stories of how one employee used a work computer to search for something that wasn’t work related and the shady website that was viewed infected the computer and it spread to the other networked computers. Tighten up what sites can be opened and this exposure disappears.
3. Employee Behavior – Training employees on what to look for from a phishing attack or questionable website is the best way to limit the accidental “oops, I shouldn’t have opened that email.” In our agency, we signed our employees up for a six part training on email phishing. As the owner of my company, I need to do whatever I can to make sure my team understands how these schemes work so we don’t cause a data breach.

The world of cyber security can be overwhelming, however, if you focus on these three simple areas, you will drastically limit your exposure to a crippling data breach.

For more information on how to properly protect your business against a cyber event, contact our agency.

Written by: Eric Petersen

4 Steps to Creating a Successful Customer On-boarding Process

by | Dec 27, 2018 | Marketing | 0 comments

4 Steps to Creating a Successful Customer On-boarding Process

Did you know that it costs 5x more to attract a new client than to keep one you already have? So how do you keep current customers happy? The best way is by developing a solid relationship right off the bat with an effective on-boarding process. Customer on-boarding is the process in which you communicate with new customers to introduce them to your company. Whether this with a series of emails, direct mailers, phone calls or a combination of all, (we highly recommend a combination, but we’ll touch more on that later) it is the first step in their customer journey, and some may consider it the most important.

In this article I will outline four simple steps to creating a totally kick-a** process that will truly “WOW” your customers and keep them coming back.

Keep in mind,the construction of your on-boarding process must have your personal twist built into each step to introduce customers to YOUR business. Have fun with it, be real and show the unique personality of your business:

Step 1: The Introduction: Get to know your customer

This one may seem self-explanatory, but the on-boarding process begins right when a customer agrees to work with your business. So, start by getting all of the necessary information about your client. This includes not only the job information, but also any additional information that can create a bond with them. Learn about their family, hobbies and other stories that they tell you. These should be stored in your computer system so they can be retrieved for later conversations. This will solidify in the customer’s eye that you really do care about them.

Step 2: Pre-Job: Send welcome series

Prior to the scheduled job, send a series of communications to your customers welcoming and thanking them for the business opportunity. This can be done with automated emails, or take a more personal route with hand written cards or a phone call.. In most tree care companies, the person who sold the job is not going to be with the crew that comes out to do the job. So a critical element in your on-boarding series should be an introduction of the crew members that will be executing the work. If this is not possible because your crew composition changes, create a page on your website so customer can learn about the individual crew members. (Pro Tip: Create “get to know me” videos for your team members to host on your website and to send to customers)

In your welcome series, you will also need to set the expectation for your company and what is expected of the customer. Go into as much detail as possible about the job that is going to be done, what (if anything) the customer needs to complete prior to the job, the amount of time it will take, and remind them of the scheduled date and time. An informed customer, is generally a happy customer.

Step 3: Post-Job: The follow up

Shortly after the job is completed, send your client a summary of the work that was done, and once again thank them for their business. Let them know about their payment options at this time as well. About a week after the job, while your great work is still fresh in their memory, reach out again to ask for feedback on their experience. Incorporate asking for online reviews if they had a positive experience.

Step 4: Ongoing: Nurturing

This is your opportunity to offer your customer information beyond discussing a job. I recommend sending out a nurturing email campaign by utilizing automated emails. Multiple times throughout the year send customers information regarding proper tree care based on the season, share offers and incentives your company is currently running, or just simply thank them for their continued business. Each touch-point will continue to solidify a relationship with the customer that lasts beyond the original job.

Putting an on-boarding process in place will help your company create lasting relationships with customers that keep them coming back. Be personal and consistent with your process and watch as your customer’s perception of your business begins to transform!

Written by: Amanda Eicher

How to Get the Most Out of Conferences

by | Dec 18, 2018 | Business Strategy | 0 comments

How To Get The Most Out of Conferences

As a professional arborist, I know you spend a lot of time at conferences. Whether it is your local ISA chapter conference, the TCIExpo or the ISA’s annual conference, these events can be time consuming and expensive, however, they are invaluable to your business.

Below are my seven tips to getting the most out of every conference for you and your team:

Before the Conference

– Make Your Plan and Be Intentional. Don’t let a conference happen to you. Make the most out of it by making a plan beforehand. Use these questions to develop your conference strategy.
– What is the primary goal of this conference for you and your team? It could be simply to get as many CEU’s as possible, or it can be to talk to a certain equipment vendor or to learn what ArboRisk’s Thrive is all about ;). Whatever your goal is, be intentional about it. This takes planning with your team to identify what you truly want everyone to get out of the time that you are spending there.
– What sessions will be most valuable for you? Look at the agenda carefully before you go. If there are multiple sessions that you want to attend at the same time, send one of your team members to one of them so your business can get as much information as possible.
– Who do you really want to talk to at the conference? Reach out to them before to set a specific time and place to meet. Conferences get really busy for everyone. Having a predetermined meeting with a key connection is a great way to have the conversation that you want. Make a list of the questions that you want to ask each person and bring that list along with you in case you run into them before your meeting time.
– Stay at the Host Hotel. Some people use conferences as a chance to get away from the day in and day out stress of their business and decide to stay at a further away hotel to get that. That can be beneficial only if you maximize the time that you are in the conference. I’ve found that some of the most valuable information is transferred between attendees during conversations in between sessions or at the social events. By booking your hotel room at the host hotel, I guarantee, you will have more conversations with your peers and get more out of the conference.

At the Conference

– Get to the Registration Booth Early. Plan your trip so one of the first things that you do is go to the registration booth to get the conference materials. This gives you the opportunity to get familiar with the conference space so you don’t miss out on any of the sessions or social events. Many times the room assignments of the sessions are not available to you until you actually get to the venue
– Be Active During Sessions. Sit up close, ask questions and take notes during the sessions. Write down a question to ask the speaker after the session is over with. Being engaged with the content will help you retain the information better and help you think of ways to incorporate the message into your business. Also, if you take solid notes, you’ll be able to share the information with your team at a later date.
– Socialize. I’ve said it already, however, being social at a conference is the best way to maximize your experience there. You never know who you can meet a conference, it could be your next employee or a referral partner or a future mentor.

After the Conference

– Follow-up. If there were people that you enjoyed talking to, send them a post-conference email or LinkedIn request. Ask them an additional question that you had from your conversation.
– Plan for Next Year. If you enjoyed the conference, make even a better plan for next year. Think about what went well and what you would like to do differently next time.

Conferences have provided me with the ability to gain great friendships, advance my career and make wonderful memories, however, it did not happen without my efforts. Be intentional when you go to your next conference and use these seven tips to get the most out of them.

Written by: Eric Petersen

Is Your Safety Program Working?

by | Dec 5, 2018 | Risk Management | 0 comments

Is Your Safety Program Working?

As a risk manager for the tree care industry, I am often asked, “how does a tree service make sure their safety program is working?” Because of this common question, I want to share three simple ways that you can internally audit your safety program to ensure you are doing all you can to get every employee home safe at night.

Are your employees able to explain what to do?

An effective safety program will teach your team members exactly what to do in case of an injury. Simply ask employees from all departments to describe the steps to take. They should know who to call, which clinic they need to go to depending on location, and what forms to fill out as soon as the injury happens. Of course, if they cannot explain what to do during a non-emergency situation, they won’t know during a panic-filled time of injury. Make this the topic at your next safety meeting to train everyone on the procedure for an injury. Have your procedure written down, and kept at all locations and in each vehicle for an emergency.

Can you prove your program is being implemented?

Documentation is a key component of an effective safety program. Whether it is for OSHA or to obtain a lower insurance rates, being able to prove that that your safety program actually exists is the goal. You should have employees sign that they acknowledge and understand the safety program and employee handbook, as well as attendance sheets for the weekly or bi-weekly safety meetings. Be sure to note the topics on the attendance sheets as well. This also helps you recognize if an employee is not being properly trained on a piece of equipment or operational service that you provide.

Numbers Talk!

Have a safety committee member be in charge of monitoring your data. A simple Excel document is a great way to track important statistics like; number of incidents, number of different employees injured, number of missed work days, etc. These numbers should be reviewed monthly or quarterly at the very least. Make note to monitor both positive and negative trends as you’ll want to reward a strong safety environment while addressing any obvious issues.

Remember, even TCIA Accredited companies have serious injuries and fatalities that could have been prevented. Don’t let your safety culture get stale and ineffective. Use these three ideas to monitor the strength of your program so you know when and how to improve it.

Written by: Malcolm Jeffris, CTSP

Make it Your Best Year Yet

by | Nov 28, 2018 | Business Strategy | 0 comments

Make It Your Best Year Yet

Raise your hand if you dread creating an annual business plan! Well you’re not alone.
We’ve all heard the famous quote from Benjamin Franklin, “failing to plan is planning to fail”, yet how often do you hear people say “I don’t have time to do an annual business plan”.

Taking time to do an annual plan saves time and increases productivity. This article is designed to give you a simple framework of how to perform an annual business planning session. The key is to set aside uninterrupted time for it, preferably on a couple different days so you can have some time to think about it in between sessions.

1. Start With Why – The Cheshire Cat of Alice in Wonderland said it simply, “If you don’t know where you’re going, any road will get you there.” If you have not clearly defined the why you do what you do, now is the time to do so. Your Why is your Mission Statement and serves as the north star for your business. Your annual business plan defines how and what you need to do to advance the company and its mission. In addition, review your vision statement, the what you do, and your core values, how you do it. Combined, these three elements create a culture for your business.

2. SWOT Analysis – Next have a clear understanding of where your business is today. Review the goals and your performance from the prior year. Where did you do well and be brutally honest about where you did not meet your goals. The SWOT Analysis is one of the most common ways to start planning for your company. List out all of your current company’s Strengths, Weaknesses, Opportunities and Threats. Gather input from team members in all areas of your business so your plan can be as robust as possible. Compare these findings with your successes and failures from the prior year. Tony Robbins sums it up like this: “Success leaves clues. Go figure out what someone who was successful did and model it. Improve it, but learn their steps. They have knowledge” It is pretty remarkable what happens when you include your team in this part of the annual planning. We do this in our agency using Survey Monkey so each team member has a chance to respond anonymously.

3. Big Picture Goals – In my opinion, it is best for companies to have no more than 3 big picture goals for the year. When setting goals use the acronym S.M.A.R.T. to help guide you. S.M.A.R.T. stands for Specific, Measurable, Attainable, Realistic and Time. Each goal must be specific enough that your team members can understand what the desired outcome is. That means the goal must have something measurable assigned to it. Whether that is a total amount of new customers, an increase of the number of five star reviews on Google or a decrease in the number of injuries for the year, make sure you can track it. The goal also should be attainable and realistic given the current state of your organization. Stretch goals are great if they are accomplished, however, stating a large stretch goal can have a negative consequence on employee morale if the year does not go as planned. Lastly, each goal needs to have a time element to it. When do you want the goal to be achieved? A goal without an end date is not a goal that your team members can rally behind. Give your organization a chance at accomplishing the goals you set by making them S.M.A.R.T.

4. Objectives for Each Goal – When you have your three big picture goals written down, take a look at each one of them and break them up into smaller objectives. Assign these objectives or tasks to individuals who have the ability and responsibility to accomplish them. Make sure each team a member understands their role and is willing to do what it takes to complete their part. Go back to the SWOT analysis and align objectives with the people on your team with the strengths in the area needed to accomplish the objectives. If there is an area of weakness, incorporate training needs to bolster your team’s resources and effectiveness.

5. Check-in and Make Adjustments – Because each goal has an end date, create a timeline of when to check-in on the progress of the goal. Paying attention to the status of the goal throughout the year will allow you and your team an opportunity to make any adjustments necessary to achieve the goal. In addition to setting up a series of small check-in points, schedule a semi-annual review. Here is an article devoted specifically to your mid-year review.

To learn more about how strategic planning can enhance your organization, take a look at our Thrive Risk Management Strategic Planning Package. In just 4 short weeks we can help you identify who you are as a company, what you want to become, and what strategic milestones will be needed to achieve your goals.

Written by: Jim Skiera