Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Implement minimum password strength requirements for devices that may be used to connect to AgencyRoot.

  • Establish and regularly review your organization's procedures surrounding the storage of passwords, including prohibition of storing unencrypted AgencyRoot passwords on electronic devices or physically such as on paper. We recommend using a secure password manager such as LastPass or 1Password with two-factor authentication enabled.

  • Establish and regularly review your organization’s procedures and controls for any data that may be exported from AgencyRoot and stored electronically or physically outside of AgencyRoot’s systems.

  • Provide a regularly scheduled user education session to reinforce security procedures and educate about common attack vectors such as phishing attacks.

  • Regularly review generally accepted digital security information and recommendations

  • Password protect and/or encrypt all free-form information in documents uploaded to AgencyRoot.

  • Establish physical security controls to your offices and networks.

  • Add agencyroot.com as a safe-sender or trusted domain where applicable in your email provider. This will ensure you get all timely information from us and don’t miss any emails regarding updates, particularly if they relate to security.

AgencyRoot cannot guarantee the recommended practices above will prevent unauthorized access to your data in AgencyRoot.