Security Alert: Time to Move from Internet Explorer 6 to a Newer Version For more details, click here Independent Agents Fined For Not Having Written Security Plans
This article discusses the importance of agencies having and implementing a written security plan in order to protect their clients’ personal information and to meet increasingly specific state privacy requirements. The article then provides links to information and resources that will assist agencies in building a viable security strategy and plan to protect their clients and their business. Information Security Concerns in Hotels and Hotspots
This article outlines the major security risks facing computer users in hotels and wireless hotspots and outlines practical steps you can take to protect yourself in these environments. Full story
Protect Your Clients with Secure Email Using TLS
Agencies and carriers are encouraged to implement an efficient and cost effective approach to secure email by enabling their email servers for TLS (Transport Layer Security) email encryption. This article explains how TLS works. click here. TLS Email Encryption-- Agents' Frequently Asked Questions
This document builds upon ACT's article, "Protect Your Clients with Secure Email Using TLS," and provides answers to agents' most frequently asked questions, including giving examples of carriers that are enabled for TLS for their agents. click here.
Insurance Carriers Enabled for TLS Email Encryption for their Agencies Several insurance carriers have reported to ACT that they support TLS email encryption for their agencies provided the agency has also enabled TLS on its inhouse or hosted mail servers. With some of these carriers, once the agency enables TLS, they are automatically enabled with the carrier. With other carriers, the TLS enabled agency must specifically request the carrier to turn on TLS with the agency. For further information regarding which carriers are enabled for TLS with their agents and whether this is automatic or requires the agent to request TLS from the carrier, please Click here. ACT Recorded Webinar: Protecting Independent Agent Clients with Secure Email Using TLS Recorded May 13, 2010 (Demo in last 15 minutes puts more focus on implementation on Microsoft 2007 Exchange Server). Features Jim Rogers (The Hartford) & Tim Woodcock (Courtesy Computers)
ACT Recorded Webinar: Protecting Independent Agent Clients with Secure Email Using TLS Recorded Aug 18, 2009 (Demo in 2nd half focuses on implementation on Microsoft 2003 Exchange Server). Features Jim Rogers (The Hartford) & Tim Woodcock (Courtesy Computers) PowerPoints (including screen-shots of TLS implementation and detailed notes; and selected regulatory information):
May 13, 2010 session (focusing on Microsoft 2007 Exchange Server in last 15 minutes) click here Aug 18, 2009 session (focusing on Microsoft 2003 Exchange Server in 2nd half) click here
* When you download the PowerPoint, it is best to save it to your desktop, so you are not prompted for a password.
Improving the Handling of Passwords in the Real-Time Environment
At its February, 2009 meeting, ACT approved this major business case to encourage carriers and vendors to improve the way passwords are handled in the real-time environment. The problem today is that real-time transactions frequently error out because the user’s password has expired. It then takes the agent 5-10 minutes to update the password on the carrier Web site, the agency system real-time tool, and to begin the transaction all over again. The Business Case outlines the pros and cons of the current real-time environment and then provides carriers with several recommendations to improve their real-time password workflow-- most of which are in practice today with some carriers. The recommendations include giving agents advance notice before passwords expire; considering non-expiring, more complex passwords for real-time transactions or at least passwords of a longer duration (such as annual); implementing password synchronization with the vendor systems so agents can make password changes in the midst of real-time transactions; and working with vendors to develop a delete user real-time transaction.
Word PDF Ongoing Security Risk Monitoring for Agency Owners and Security Managers
The reports and guides below give the agency a good picture of the major security issues they should be covering in their procedures and audits. However, specific security risks are continually arising, so it is important for agencies to monitor sites and receive regular updates on the specific new security risks that arise and may affect them. Protecting Agency Customer Information from Identity Theft
This report discusses key issues agencies must tackle to safeguard private customer information, prevent identity theft, implement an effective security policy, and protect agency data both while at rest in the agency's systems as well as in transit to and from the agency. Click Here Managing the Security Risks of Portable Devices
This article focuses on the special security risks presented by laptops and other portable devices and the specific steps agencies can take to manage these risks. It also discusses the importance of agencies taking pro-active steps on the security issue overall to safeguard their core data and the confidentiality of their customers' information, as well as to fulfill their legal obligations. click here. The Independent Agent's Guide to Systems Security
This guide lays out the risks and steps to take, and includes a self assessment tool and sample security policy. It is written for the agency business leader. Download Here Protecting Agency Security Takes Center Stage
This article discusses the lessons to be taken from the recent major profile identity theft cases, the importance of effective agency password management, and the availability for download of a comprehensive agency security guide from ACT. click here Take Charge of Your Agency's Digital Security
Alvito Vaz, Progressive Insurance, provides agency principals with a clear and succinct overview of the security issues they should be thinking about. click here ACT Guidelines for Multiple Passwords
ACT has approved recommended password formatting guidelines for companies and vendors and urges companies and vendors to adopt them. These guidelines, when adopted, will permit agents to use a common password for several company and vendor systems, alleviating the current password nightmare that agency employees are experiencing. At the same time, the adoption of the guidelines will enhance security at the agency level because agency employees will no longer have to maintain lists of passwords. These guidelines were revised by the ACT Governing Council on September 21, 2003. Protecting Your Client's Most Private Information
This article explains the importance of implementing an agency privacy policy and procedures and references the ACT and IIABA tools available to assist agents. click here | 
