Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

We recommend the following best practices to help prevent unauthorized access to your AgencyRoot data:

  • Implement minimum password strength requirements for devices that may be used to connect to AgencyRoot.

  • Establish and regularly review your organization's procedures surrounding the storage of passwords, including the prohibition of storing unencrypted AgencyRoot passwords on electronic devices or physically such as on paper. We recommend using a secure password manager such as LastPass or 1Password with two-factor authentication enabled.

  • Establish and regularly review your organization’s procedures and controls for any data that may be exported from AgencyRoot and stored electronically or physically outside of AgencyRoot’s systems.

  • Provide a regularly scheduled user education session to reinforce security procedures and educate about common attack vectors such as phishing attacks. We recommend using a third-party training, such as ESET: https://www.eset.com/us/business/cybertraining/#compare

  • Regularly review generally accepted digital security information and recommendationsPassword protect and/or encrypt all free-form information in documents uploaded to AgencyRoot.

  • Establish physical security controls for your offices and networks.

  • Add agencyroot.com as a safe-sender or trusted domain where applicable in your email provider. This will ensure you get all timely information from us and don’t miss any emails regarding updates, particularly if they relate to security.

  • To reset your password, log out of AgencyRoot and head to the login page. Find “Reset Password” under the login button, click it, and follow the instructions to reset your password.

...