Security & Technical Recommendations for Agents
We recommend the following best practices to help prevent unauthorized access to your AgencyRoot data:
Implement minimum password strength requirements for devices that may be used to connect to AgencyRoot.
Establish and regularly review your organization's procedures surrounding the storage of passwords, including the prohibition of storing unencrypted AgencyRoot passwords on electronic devices or physically such as on paper. We recommend using a secure password manager such as LastPass or 1Password with two-factor authentication enabled.
Establish and regularly review your organization’s procedures and controls for any data that may be exported from AgencyRoot and stored electronically or physically outside of AgencyRoot’s systems.
Provide a regularly scheduled user education session to reinforce security procedures and educate about common attack vectors such as phishing attacks. We recommend using a third-party training, such as ESET: ESET Cybersecurity Awareness Training
Regularly review generally accepted digital security information and recommendations.
Establish physical security controls for your offices and networks.
Add agencyroot.com as a safe-sender or trusted domain where applicable in your email provider. This will ensure you get all timely information from us and don’t miss any emails regarding updates, particularly if they relate to security.
To reset your password, log out of AgencyRoot and head to the login page. Find “Reset Password” under the login button, click it, and follow the instructions to reset your password.
AgencyRoot cannot guarantee the recommended practices above will prevent unauthorized access to your data in AgencyRoot.