Complex Network - Complex Risks
The multi-layered structure of the cloud offers a gateway for malfunctions, attacks and operating errors. Hackers have long since discovered this and exploit the security gaps at the level of structures and personnel. Adobe already needed to fix vulnerabilities in Acrobat Reader, Bridge, Dimension, Framemaker and Illustrator in July 2021. Most of these were considered critical.
These risks already begin with the incorrect operation of an application. Whether it’s an unauthorised copy that ends up on a desktop or a well-meaning team member who changes a setting for the supposedly better without prior consultation, thereby opening the floodgates to criminals – improper use can have serious consequences. Deficiencies in the infrastructure also have a firm place in the ranks of risk factors. Poor data backup, lack of access controls and improper or incomplete deletion of media that is no longer required are an invitation for hackers.
Secure Content Creation from the Start
While you can’t protect 100% against cybercrimes, companies can still take steps to ensure that they aren’t completely unprotected against the risks of working in the cloud. It’s important to know and to understand the tools and mechanisms that an application provides for security purposes in advance, so you can use them when there’s an emergency.
This is where Adobe wants to go on the offensive: According to the company, security has been integrated into the entire software development process. An incident response team should be able to react quickly and flexibly to incidents. In addition, Adobe is constantly advancing security through cooperation with partners, experts and other companies. Users are encouraged to report vulnerabilities promptly via the Adobe website and to only buy software from specialist retailers. Cracked software where the manufacturer’s copy protection has been removed is not only illegal, but also not very conducive to cyber security.
Personal and Structural Security
The security of data always goes hand in hand with personal security. Lots of cyber attacks are possible primarily because of human error in companies – we look at the causes behind hacks in detail in our article on cyber crime in 2021. In order to minimise the various risks, you need to take a number of measures in your company that allow you to create content in a framework that is as protected as possible.
- Protect your data - even while it’s in transit
- Classify your data according to sensitivity and analyse which mechanisms are used so the data can remain confidential at all times, for example through encryption, tokenisation and access controls. A token is a hardware component for identifying and authenticating users. And don’t give out any personal or account information. Adobe never asks for either.
- Regular updates
Be sure to keep your applications up to date. Updates close security gaps and ensure smooth processes over the long term.
- Get help
Don’t be afraid to seek support if you have problems. Adobe offers its customers support for all security-related questions.
- Stay alert
You can receive security vulnerability reports through many different channels. So you should stay up to date and revise your security measures if necessary. It’s important to always keep your eyes open and watch out for anything suspicious, such as ominous emails with lots of spelling mistakes. Check the destination URL, sender, and content if you get an email like that. This is also important: Never downplay such discoveries and always take reports from your employees seriously. If in doubt, stick to the previous point and seek support.
- Create clear roles with appropriate permissions for working in the cloud.
To do this, adhere to the principle of least privilege. According to this principle, users only receive the access rights necessary for their area of responsibility. This goes hand in hand with clear identity management – i.e. the targeted administration of user data that is assigned to individual participants. Also, avoid rigid login credentials. It’s better to change them regularly.
- Tracking
It’s best to record actions and changes in real time so you can clarify problems and take action if there are issues.
- Strict separation of users and data
Reduce direct access and manual data processing to a minimum. This measure significantly reduces the risk of incorrect operation and human error.
- Set up incident management
Specify these things precisely: What should happen in an emergency? Who is involved? How do you restore a file or system to its original state?
Ideally, you should secure your work in the Adobe Creative Cloud at all levels, internal and external. If you reduce manual actions to a minimum, encrypt your data, and set up sensibly structured access management, the cloud will enrich your everyday work and allow you to create content worry-free and efficiently.
You Give Everything for Your Clients – and exali Has Your Back
In your creative work, you’re always focused on helping your clients succeed with great content. But when it comes to security measures such as data encryption or the assignment of access rights, errors can quickly creep in and turn the software, which is actually supposed to make your work easier, into a security risk. When criminals exploit these gaps, the damage is usually extensive and, in the worst case can threaten your financial existence. That is why the Professional Indemnity for Digital Professions via exali for creative people, also has the First-party Cyber and Data Risks Insurance (FPC) add on. This protects you and your business from first-party claims in connection with hacker attacks, cyber blackmail, DDoS attacks and other Internet crime. So you can devote yourself to your work with peace of mind – always knowing that you will have professional support at your side in an emergency.
Get a quote now!
<span class='visible--desktop'>First-Party Cyber and Data Risks Insurance (FPC)</span>
<span class='visible--tablet'>First-Party Cyber and Data Risks Insurance (FPC)</span>
<span class='visible--mobile'>FIrst-Party Cyber and Data Risks Insurance (FPC)</span>
<span class='visible--desktop'><p><strong>This add-on protects your business from the risk of hacking, DDoS attacks or other internet crime.</strong></p>
<p>Reimbursed/covered:<strong> </strong>for example costs for the <strong>restoration of your IT systems</strong>, the commissioning of professional <strong>computer forensics analysts</strong> or specialised <strong>lawyers</strong> (including criminal defence) as well as for <strong>crisis management & PR</strong>. Additional costs for the quick elimination or avoidance of an interruption to your business are also insured.</p>
<h5>Further Examples of Damages We Insure</h5>
<ul class="liste">
<li>Damage to your own IT systems (from hacking)</li>
<li>First-party data rights claim (in particular spying on personal data)</li>
<li>Expenses for an (imminent) interruption of business (additional cost coverage)</li>
<li>Breach of trust damage (intentional damage to own IT by employees)</li>
<li>Costs for criminal defence (internet criminal legal protection)</li>
</ul>
<h5>Insurer Services</h5>
<p>The special benefit about this add-on is the assumption of your own <strong>costs</strong>, e.g. for the commissioning of:</p>
<ul class="liste">
<li>Computer forensics specialists</li>
<li>Specialised lawyers</li>
<li>Consultants to provide information to data owners</li>
<li>Professionals for PR & crisis management</li>
<li>Credit protection and monitoring services</li>
</ul>
<p>as well as the assumption of <strong>additional costs, e.g. for the use of third-party IT and computer systems.</strong></p>
</span>
<span class='visible--tablet'><p><strong>This add-on protects your business from the risk of hacking, DDoS attacks or other internet crime.</strong></p>
<p>Reimbursed/covered:<strong> </strong>for example costs for the <strong>restoration of your IT systems</strong>, the commissioning of professional <strong>computer forensics analysts</strong> or specialised <strong>lawyers</strong> (including criminal defence) as well as for <strong>crisis management & PR</strong>. Additional costs for the quick elimination or avoidance of an interruption to your business are also insured.</p>
<h5>Further Examples of Damages We Insure</h5>
<ul class="liste">
<li>Damage to your own IT systems (from hacking)</li>
<li>First-party data rights claim (in particular spying on personal data)</li>
<li>Expenses for an (imminent) interruption of business (additional cost coverage)</li>
<li>Breach of trust damage (intentional damage to own IT by employees)</li>
<li>Costs for criminal defence (internet criminal legal protection)</li>
</ul>
<h5>Insurer Services</h5>
<p>The special benefit about this add-on is the assumption of your own <strong>costs</strong>, e.g. for the commissioning of:</p>
<ul class="liste">
<li>Computer forensics specialists</li>
<li>Specialised lawyers</li>
<li>Consultants to provide information to data owners</li>
<li>Professionals for PR & crisis management</li>
<li>Credit protection and monitoring services</li>
</ul>
<p>as well as the assumption of <strong>additional costs, e.g. for the use of third-party IT and computer systems.</strong></p>
</span>
<span class='visible--mobile'><p>Protection against hacking damage to your own IT systems, DDoS attacks, computer misuse, theft of data carriers and other data rights violations and the majority of the resulting expenses and costs.</p>
</span>
<div class="spaceTop-20">
<div>If you have any further questions, our customer service is happy to help.</div>
<div id="rechnerKontaktForm" class="spaceTop-10">
<div class="col-grid col-grid--flush">
<div class="visible--mobile">
<div id="rkfPhone" class="service-item service-item--phone col col--10 text--center no-margin">
<a href="tel:+498218099460" class="rkfPhone--nr" data-eventpush="eventPush_phone_info">
+49 (0) 821 / 80 99 46 - 0 </a>
</div>
<div class="col col--2 no-margin no-padding position-relative">
<button type="button" class="close modal-info__close" data-dismiss="modal" aria-hidden="true"></button>
</div>
</div>
<div class="hidden--mobile">
<div class="rechnerKontaktForm--no-mobile">
<div id="rkfCallback" class="service-item service-item--callback col col--tablet--4 no-margin">
<span data-eventpush="eventPush_callback_info">
Request call-back </span>
</div>
<div id="rkfMail" class="service-item service-item--mail col col--tablet--4 text--center no-margin">
<span data-eventpush="eventPush_mail_info">
Contact us </span>
</div>
<div id="rkfPhone" class="service-item service-item--phone col col--tablet--4 text--right no-margin">
<a href="tel:+498218099460" data-eventpush="eventPush_phone_info">
+49 (0) 821 / 80 99 46 - 0 </a>
</div>
</div>
</div>
</div>
</div>
<div class="hidden--mobile">
<div class="infoKontaktForm"></div>
<div class="text--right cursor-pointer spaceTop-10">
<a data-dismiss="modal" aria-hidden="true">Close</a>
</div>
</div>
</div>
<span class='visible--desktop'>Engineering Activities (ENG)</span>
<span class='visible--tablet'>Engineering Activities (ENG)</span>
<span class='visible--mobile'>Engineering Activities (ENG)</span>
<span class='visible--desktop'><p><strong>If you provide engineering services exclusively or in addition to IT/telecommunications, you can insure the liability risks with the „Engineering Activities“ endorsement.</strong></p>
<p>The Engineering Activities extension provides <strong>blanket coverage</strong>. This means that all engineering activities are covered without the need for listing each and every activity. Those listed in the engineering endorsement are therefore merely illustrative examples:</p>
<ul class="liste">
<li>Hardware and software development for machinery and plant, embedded software</li>
<li>Machinery and plant testing, commissioning support</li>
<li>Quality management and assurance</li>
<li>Technical drawing, CAD, CAM</li>
<li>Technical management consultancy, in particular purchasing, strategy, process design, activities as expert</li>
</ul>
<h5>Requirements for Engineering Insurance</h5>
<ul class="liste">
<li>You <strong>do not provide engineering services</strong>, plants, machinery or associated parts and/or <strong>planning</strong>.</li>
<li>You provide engineering products <strong>in a supporting and/or advisory capacity</strong> and are not responsible fort he final engineering product.</li>
<li>No machines, systems, engineering products or other parts shall be put into series production directly / <strong>without approval and acceptance</strong> by the principal (keyword: final sign-off).</li>
</ul>
<h5>Deductible</h5>
<p>The deductible for financial loss and property damage is the same as the deductible selected for the financial loss insurance (FLI).</p>
<p>For more information, please refer to <strong>Section A.7 "Engineering Activities (ENG)"</strong> of the Insurance Conditions.</p>
</span>
<span class='visible--tablet'><p><strong>If you provide engineering services exclusively or in addition to IT/telecommunications, you can insure the liability risks with the „Engineering Activities“ endorsement.</strong></p>
<p>The Engineering Activities extension provides <strong>blanket coverage</strong>. This means that all engineering activities are covered without the need for listing each and every activity. Those listed in the engineering endorsement are therefore merely illustrative examples:</p>
<ul class="liste">
<li>Hardware and software development for machinery and plant, embedded software</li>
<li>Machinery and plant testing, commissioning support</li>
<li>Quality management and assurance</li>
<li>Technical drawing, CAD, CAM</li>
<li>Technical management consultancy, in particular purchasing, strategy, process design, activities as expert</li>
</ul>
<h5>Requirements for Engineering Insurance</h5>
<ul class="liste">
<li>You <strong>do not provide engineering services</strong>, plants, machinery or associated parts and/or <strong>planning</strong>.</li>
<li>You provide engineering products <strong>in a supporting and/or advisory capacity</strong> and are not responsible fort he final engineering product.</li>
<li>No machines, systems, engineering products or other parts shall be put into series production directly / <strong>without approval and acceptance</strong> by the principal (keyword: final sign-off).</li>
</ul>
<h5>Deductible</h5>
<p>The deductible for financial loss and property damage is the same as the deductible selected for the financial loss insurance (FLI).</p>
<p>For more information, please refer to <strong>Section A.7 "Engineering Activities (ENG)"</strong> of the Insurance Conditions.</p>
</span>
<span class='visible--mobile'><p>The Engineering Activities extension provides <strong>blanket coverage</strong>.</p>
<h5>Requirements for Engineering Insurance</h5>
<ul class="liste">
<li>You <strong>do not provide engineering services</strong>, plants, machinery or associated parts.</li>
<li>You provide engineering products <strong>in a supporting and/or advisory capacity</strong>.</li>
<li>No machines, systems, engineering products or other parts shall be put into series production directly/<strong>without the client's approval</strong> (final sign-off).</li>
</ul>
<h5>Deductible</h5>
<p>Same as the deductible selected for the financial loss insurance (FLI).</p>
</span>
<div class="spaceTop-20">
<div>If you have any further questions, our customer service is happy to help.</div>
<div id="rechnerKontaktForm" class="spaceTop-10">
<div class="col-grid col-grid--flush">
<div class="visible--mobile">
<div id="rkfPhone" class="service-item service-item--phone col col--10 text--center no-margin">
<a href="tel:+498218099460" class="rkfPhone--nr" data-eventpush="eventPush_phone_info">
+49 (0) 821 / 80 99 46 - 0 </a>
</div>
<div class="col col--2 no-margin no-padding position-relative">
<button type="button" class="close modal-info__close" data-dismiss="modal" aria-hidden="true"></button>
</div>
</div>
<div class="hidden--mobile">
<div class="rechnerKontaktForm--no-mobile">
<div id="rkfCallback" class="service-item service-item--callback col col--tablet--4 no-margin">
<span data-eventpush="eventPush_callback_info">
Request call-back </span>
</div>
<div id="rkfMail" class="service-item service-item--mail col col--tablet--4 text--center no-margin">
<span data-eventpush="eventPush_mail_info">
Contact us </span>
</div>
<div id="rkfPhone" class="service-item service-item--phone col col--tablet--4 text--right no-margin">
<a href="tel:+498218099460" data-eventpush="eventPush_phone_info">
+49 (0) 821 / 80 99 46 - 0 </a>
</div>
</div>
</div>
</div>
</div>
<div class="hidden--mobile">
<div class="infoKontaktForm"></div>
<div class="text--right cursor-pointer spaceTop-10">
<a data-dismiss="modal" aria-hidden="true">Close</a>
</div>
</div>
</div>
Yes, switch to {{targetDomain}}
You indicated that your headquarter is in {{targetCountry}}. So we will redirect you to the corresponding version of exali, {{targetDomain}}. Settings that have been made may not be transferred. The premium and scope of the insurance policies offered may vary slightly depending on the country.
Would you like to switch to {{targetDomain}}?
No, stay on {{currentDomain}}
You indicated that your headquarter is in {{targetCountry}}. So we will redirect you to the corresponding version of exali, {{targetDomain}}. Settings that have been made may not be transferred. The premium and scope of the insurance policies offered may vary slightly depending on the country.
Would you like to switch to {{targetDomain}}?
Yes, switch to {{targetDomain}}
No, stay on {{currentDomain}}
