Quick Security Review

Staying Secure All Year

Being secure is important, especially with data breaches always being a threat.  It is good practice to make sure you and your business are doing everything to stay secure all year round.  Below are some tips that are good practice for both the boberdoo system and just in general.

lead management plan

Unique Usernames & Passwords Per User

Make sure everyone has their own admin login.  We have seen users and clients use the same admin account across multiple employees, which in turn, leads to a lack of transparency of who is doing what and puts the business at risk.  Make sure everyone has a unique username & password and utilize user groups to allow employees to have access only to the pages that are relevant to their jobs. 

Change Your Passwords

The more often passwords are changed the better, such as every 90 or 180 days.  If the passwords in your system have not been changed at all this past year, it is probably a good idea to change them.  The longer and more complex passwords are, the better. Be sure to use all those uppercase, lowercase, numbers and symbols. Also, please do not make your password "password" or your birthday. 

Two Factor Authentication

Just like extra layers on a cake, an extra layer of security is always a good idea.  With two factor authentication, you can use your phone number or another email to authenticate when a password is being changed or a new device logs into a system. 

Lock Admin Logins To Specific IPs

In Settings under both User or User Group in the system, you can set specific IP addresses, for a group such as a call center, as well as what IP addresses each user is allowed to log in from.  This is important to make sure that you users are logging into the system from secure IP addresses. 

Delete Old Users

It seems simple, but sometimes simple problems are the most costly.  When a user leaves your company for any reason, delete their U/Ps make sure that they do not have any way to access anything that has to do with the business. 

Control Lead Exporting

In the boberdoo system specifically, under Manage User Groups, there is an option for "Can email leads" which allows you to determine if that group can export leads while boberdoo's secure mode allows exports to be logged.  Work from "less to more" when it comes to who can do what in your system. 

Review User Group Permissions

Creating specific user groups that only allow users to perform tasks related to their jobs is a good idea.  Take the time to look through your users, and what they are, and are not, able to do.  Evaluate and decide if they really need to be able to do what they are allowed to, because accidents happen. 

Request A Demo

It is our belief, here at boberdoo, that businesses should only hold on to data for as long as it takes to complete what they are using it for. Therefore, one of the biggest aspects of security in the boberdoo system is secure data retention. This is important because lead companies typically hold on their data longer than necessary, which is a potential liability and in turn, ends up putting their business at risk.  Is your lead system positioned for secure data retention?  If not click here to learn more and explore how boberdoo can help your business.

Learn More

More from our blog

See all posts
To Know Your Customer Is To Love Your Customer
Dan Cerceo, CISO boberdoo.com/Assumed
Continue reading
Making Security a Top Priority: Why Multi-Factor Authentication is Just the Beginning
While multi-factor authentication effectively protects customer information, it's just one piece of the puzzle. Lead generation companies should also...
Continue reading
Don't Let Your Data Fall into the Wrong Hands: Assessing Your Service Providers
Assessing the security practices of your service providers is an essential part of ensuring the security of your lead generation company's data. To...
Continue reading
Why Every Lead Generation Company Needs an Incident Response Plan, Step-By-Step Guide
Data breaches and other security incidents can happen to any company, including lead generation companies. As a result, these companies must develop...
Continue reading
How to Train Security Personnel in Lead Generation Companies
To protect customer data and comply with regulatory requirements, lead generation companies must implement a comprehensive training program for...
Continue reading
Best Practices for Encrypting Sensitive Information
Lead generation companies must implement best practices for encrypting data to protect sensitive customer data. This includes encrypting all...
Continue reading
Securing Data: How to Limit & Monitor Employee Access to Information
Limiting and monitoring access to sensitive customer information is critical for lead generation companies to protect against data breaches and...
Continue reading
Develop a Risk Assessment Plan for Your Company | A Step-By-Step Guide
According to the new FTC Safeguards, all companies, including lead generation ones, must develop a written risk assessment plan to identify and...
Continue reading
Why Lead Generation Companies Need a Qualified Person for Security
You might be here because of the new FTC Safeguard Rule, and if so, we have more upcoming posts to help guide you through before the deadline....
Continue reading
FTC Safeguard Rules - A Guide for Lead Generation Companies
As lead generation companies continue to collect and process sensitive customer information, compliance with the Federal Trade Commission's Safeguard...
Continue reading
Ping Post Illegal For Mortgage Leads?
DID THE CFPB JUST KILL PING POST TRANSACTIONS?: Regulator Finds Sell of Transfer Leads to Highest Bidder May Violate RESPA - by TCPAWorld.com
Continue reading
boberdoo's New Security Hub & Everything You Should Know!
You may have noticed the new subtab under the Compliance tab in your lead system. This is our new Security Hub! The Security Hub is a dashboard where...
Continue reading

©copyright 2024 boberdoo.com LLC | Privacy Policy | Terms of Use | DMCA Policy | Sitemap