Easily Manage Website Passwords

Managing multiple website passwords is one of the more difficult tasks for agency personnel. While tools like Transformation Station and TransactNOW help with this process, there continues to be many sites that your staff goes to daily where each time they have to manually enter User ID and password information.

RoboForm is a tool that can help. I’ve been using it for a while and don’t know how I got along without it!

The program installs as part of your Web browser and manages login and passwords for you. When you log into a website, RoboForm offers to save the online login information into a Passcard after you click the Login/Submit button. The Passcard is saved into a fully encrypted file that requires a master password to access it.

Once the login information page is saved, true one-click login is available by clicking on the website name in the Passcard list. The program automatically navigates to the website’s login page, fills the stored login information into the form, and clicks the submit button. You are logged in with one click.

RoboForm can also complete a form with saved information, such as a contact information form. Your predefined contact information can be populated into a form with just one click.

The free version of RoboForm allows you to have 10 Passcards or less. Upgrading to the Desktop version ($29.95) allows you to save an unlimited number of Passcards and Identities, and comes with unlimited toll-free customer support. Or you could try out the RoboForm Everywhere license for $9.95 for the first year ($19.95 afterwards). The RoboForm Everywhere license allows you to use RoboForm software on all your Windows computers, Macs, and other mobile devices.

Prepare to Die

Death isn’t something most of us want to spend time thinking about, but it’s inevitable for all of us. We need to think about passing on our digital assets as well as our physical and financial ones. Most of us know that we should have a will and beneficiaries designated on investment accounts so that our assets are distributed to the right people, but many people don’t even take this first step. However, those of us who live and work online really need to go further, by thinking about how our loved ones should have access to our digital assets, accounts, and information.

Here are a few things that you should consider:

Password management

Create a way for your family to access certain critical accounts or computers. I know one person who has an encrypted database with all of his passwords and the access information is in a sealed envelope in a safe. Other people use a password management system. Whatever you decide, make sure a trusted family member has a way to access your information. How you choose to do this depends on how you manage your passwords and how often you change them. I think most of us could find some creative way to make it easy for our family to gain access to at least a few key accounts.

Technical documentation

Make sure you have documentation about your technology in a place that people can access without having access to one of your systems. This is especially important if you have systems tied together in a complicated manner. If you don’t have another tech-savvy family member, make sure this documentation includes the names and phone numbers of trusted friends who can help.

Client or work contacts

Keep a file or documentation about your clients in a place where other people can access it. At a minimum, you might want to include the name, email address, and phone number of each current client, or your manager or owner at the agency, so that they can be contacted. I tend to keep everything on my password-protected computer, and it would be very difficult for my family to contact my clients if anything happened to me.

Digital assets

Most of us have family photographs and other digital assets that our family will want to access later. Make sure someone knows how to find those important photographs and other documents, and don’t rely on online photo storage services, which might be deleted at some point. If you keep most of your data on your own server (hosted or onsite), leave instructions for how to access and download anything that someone might want to save.

What else can we do to make this easier for our families? How prepared are you?

ReSource Pro Receives ISO 27001 Information Security Certification

ReSource Pro provides outsourcing services to independent agents in the United States using a service center in China. They were recently awarded the ISO/IEC 27001 information security management certification from the International Organization for Standardization. This certificate is recognized across data-centric industries as external verification that the business in question has adopted rigid security standards in order to better defend its own operations and all forms of client data from unsanctioned access and use.

certificationMaking sure agency client information is secure is essential so that a data security breach does not create serious liabilities such as E&O liabilities, lawsuits, criminal charges, an immediate loss of business, and long-term damage to an agency’s public profile.

ReSource Pro utilized several consulting firms to confirm its adherence to all ISO 27001 standards over a two-year period. The company will also be subject to annual on-site audits in which an independent risk management firm will work to verify the company’s continued compliance with established guidelines and recommend any relevant system upgrades.

CEO Dan Epstein explained, “ReSource Pro has always maintained a rigorous information security management system, but this certification represents our investment in assuring the safety of our clients’ data in an increasingly strict regulatory environment. We now have a universally accepted third-party certification that places us among the industry’s most reliably secure insurance process outsourcing providers.”

A Peek into Google’s Data Centers

Google is normally very secretive about its data centers. They recently posted a new video on its enterprise blog that gives a glimpse into the inner workings of its facilities. The video emphasizes security and environmental best practices.

Google Data Centers
Some highlights from the video:

  • Google builds its own customer servers.
  • Google uses its own custom, stripped down version of Linux. It uses only a minimum set of packages.
  • The facilities are hyper secure – vehicles can’t enter without authorization, and iris scanners are used at some locations.
  • Google rigorously tracks all hard drives that come into the facility.


Anderson Issues Report Protecting Agencies from Data Breaches

NASHVILLE, Tenn. (January 6, 2010)—“Information is the most radioactive element in today’s businesses,” says Steve Anderson of The Anderson Agency Report in his most recent business guide for independent insurance agencies, called Client Information Security.

Anderson’s report highlights that more than 88% of client data breach cases last year involved employee negligence and that 84% of cases involved organizations with more than one incident. The average total per-incident cost of a breach was nearly $6.7 million, including civil and regulatory penalties, administrative expenses and legal defense costs.

Insurance agencies of all sizes are treasure troves of personal client data, and they need to establish effective protective barriers and appropriate responses in case there is a breach. Client Information Security provides agency leaders with the information they need to identify and prioritize their vulnerabilities.

The report provides a walk through the agency’s “weak links,” including employee malpractices and negligence, theft of equipment, and external attacks, such as hacking. It aids the agency in categorizing what data to protect and gives more than 20 detailed steps on how to get a data-breach security plan up and running. Anderson provides a convenient, at-a-glance method for classifying risks and incidents in a graphic depiction that can be used to track, analyze and document compliance with a security plan.

Anderson gives insights into surprising areas of vulnerability, such as the problem of “reverse shredding” of documents, and how to foil hardcopy data thieves. He also goes into substantial detail on dealing with an incident from original, internal discovery to notification of authorities, gathering of evidence, damage control and corrective action.

Client Information Security goes beyond treatment of personal data, addressing corporate data held at agencies as well. It not only helps the agency with its data but makes agency members smarter about risk management and insurance resources for their own clients. Security breach laws are covered in their own section, and a state-by-state summary and “further resources” section round out the comprehensive report. To find out more or order a copy, visit http://www.ClientInformationSecurity.com.

The report can be purchased at www.ClientDataSecurity.com.

About Anderson: Based in Nashville, Tenn., Steve Anderson (www.SteveAnderson.com) is one of the insurance industry’s top consultants and speakers. He delivers keynote addresses, lectures, seminars and conference programs, in addition to individual agency consultations, helping clients maximize productivity and profits by smart use of technology. He is executive editor of The Anderson Agency Report (TAAR), a monthly newsletter dedicated to providing independent agents with the technology information they need to more effectively manage and grow their agencies. In addition to being a licensed independent agent for more than 30 years, Steve has a master’s in Insurance Law.