Streamline your agency operation
Home > User Resources > Blog Index > securing-your-system
April 2018 Best Practices

Securing Your System: Protecting Client Data Like Your Own

Essential data security guide for insurance agencies - protect client data with proper authentication, encryption, and security best practices.

How well are you protecting your customers' data? Would you trust an institution that handled your personal information with the same security measures you're using? Your insurance clients trust you the same way you trust your bank - make sure you're worthy of that trust.

The Trust Factor

Your database contains detailed client information that could enable identity theft if compromised. As an insurance professional, you're in the same position as a lending institution when it comes to data protection responsibilities. Your clients trust you to protect their sensitive information just as vigorously as you expect your bank to protect yours.

Reality Check

Based on technical support experience, most agencies don't take data security as seriously as they should. Here are essential security measures you can implement immediately - though this isn't an exhaustive list, it covers the most critical basics.

Windows Security

User Authentication

  • Require both username AND password for Windows login
  • Default Windows behavior suggests usernames and only asks for passwords - this is poor security
  • Search online for: "How to make windows require a username and password in log on screen" (steps vary by Windows version)

Basic Practices

  • Enable password-protected screen savers for when users step away
  • Shut down computers completely when leaving for the day
  • Avoid leaving systems unattended without proper authentication

Network Security

DON'T

  • NO wireless networks (WiFi) - wired networks are significantly more secure
  • Never use Public Networks - always use Private Networks only

DO

  • Use wired connections whenever possible
  • Configure Private Network settings in Windows
  • Consult your IT professional for proper network configuration

Note: ABS doesn't support network setup - work with qualified IT professionals.

Internet Security Software

Essential Protection

  • Use professional-grade security software - multiple quality brands available
  • Follow your IT professional's recommendations for product selection
  • Configure properly even if it occasionally creates software conflicts
  • Maintain support relationship with someone who knows your chosen security product

Note: ABS strongly encourages security software use but cannot provide support for third-party products.

ABS Built-in Security

Encryption Protection

  • Data encryption protects Social Security Numbers and Driver License information since ABS version 1 (20+ years)
  • This alone is NOT sufficient - encryption makes theft difficult, not impossible

Critical: User Authentication

  • Assign unique User ID and Password for each employee through ABS Administration
  • Too many offices skip ABS passwords - this makes data theft extremely easy
  • Don't request "remember" features for login credentials - would you want your bank to be that careless?

Password Best Practices

Strong Password Requirements

  • Minimum 12 characters (ABS allows up to 30)
  • Mix of upper/lowercase letters, numbers, and symbols (&, @, %, etc.)
  • Use the sentence method for memorable strong passwords

Sentence Method Example

Sentence: "The Pilgrims sailed from England in 1620 and landed at Plymouth Rock."

TPsfEi1620&l@PR.

This creates a strong password that's both secure and memorable!

Password Management

  • Memorize when possible using meaningful sentences
  • If writing down passwords is necessary:
    • Store in a locked safe or cabinet
    • Never save in computer files (especially files named "Passwords")
    • Keep records secure and accessible to authorized personnel only

Critical Administrative Requirements

Credential Management

  • Document all system passwords including server access
  • Ensure multiple authorized people know credentials
  • Update records when IT staff changes jobs or locations
  • Test access regularly to prevent lockout situations

Too many support calls fail because no one in the office remembers system passwords.

Your Fiduciary Responsibility

Protecting client data isn't just good practice - it's a professional obligation. Your clients entrust you with sensitive personal and financial information. Implement these security measures to honor that trust and protect their data as carefully as you'd want your own protected.

Remember: Security isn't optional in the insurance business - it's essential.