Mortgage Software Solutions Blog

Cloud Storage Reduces IT Costs and Improves Scalability for Mortgage Companies


Mobile phone in hand

Those of you who've worked in the mortgage industry for the last two decades know how much has changed in just the last five years. Technologies have evolved quickly to provide more ways to accomplish tasks, including superior organization. Despite this, you've perhaps balked on finding ways to reduce your IT costs. Doing things the same way is perhaps hard to break after being in business for over 20 years.

Don't become complacent, because many IT solutions are affordable and necessary.  Security should be paramount when storing client information.  Today's software is being written to comply with the latest regulatory requirements and not all of it is expensive either.

With a rise in cloud and mobile technologies, you can do so much more while paying less. The same goes with scalability.

Using Automation to Improve Client Communication

When you look at the biggest challenges facing mortgage organizations like yours, client communication is at the top of the list. In a time when you likely have to compete with other lending agencies a short distance away, you need to keep your clients loyal.

The way forward is to use automation to gain efficiency. The older methods of reaching your clients only by phone can frequently lead to delays. Consider other communication methods, texting for example may be the best way to shorten the business cycle.    

Automating your communication will allow you to reach your clients faster and provide the ability to personalize content for more sucessful lead generation. Through affordable mobile technology and automation, you can send information at key times to your existing or prospective clients. Doing so educates them on their mortgage options.

Using the Cloud for Data Storage and Retrieval

We noted a while ago that cloud security is the future of all mortgage companies. After saying this over two years ago, it's a fact now, and a must to prepare for the unexpected.

Considering on-site servers can easily become hacked, you need to upgrade to the cloud to keep yourself compliant with client data. While cloud pricing varies depending on needs, it still reduces cost because you're eliminating maintenance on your own servers.

During disasters, you're also preparing yourself for business continuity. You can access anything in the cloud 24/7 as long as you have an Internet connection. When a disaster strikes, you can retrieve all client information immediately to keep your lending business on its feet.

The Use of Mobile Apps to Simplify the Lending Process

Many home buyers want to simplify how they obtain a mortgage without all the protracted steps. Creating a mobile app to make the process easier helps remove complex steps otherwise increasing your operating costs.

An app gives your clients more control over the time it takes to get a loan and the terms they want. Despite apps requiring design time, they'll pay off long-term thanks by increasing business and gaining your customers' trust.

Transparency is an important aspect to lending today. Allowing this through mobile technology is essential, as long as you have quality IT management in place.

Scaling Your Mortgage Company

To keep up with demands, you can do a lot of practical things to scale your mortgage business. If you're short on clients, Zillow reminds using CRM software can often help connect better with potential customers. Also redesigning your website and starting a blog can get home buyers more interested.

During times when you just need to find room to expand data, the cloud can scale quickly for you. This eliminates having to depend on other risky storage methods. When you want to scale due to unexpected growth, you can do so with the cloud, plus still have room for further growth down the road.

At Access Business Technologies, we provide game-changing technologies and tools to help your mortgage business reduce costs while still growing. Our MortgageWorkspace product allows you to scale quickly and securely by putting your business into the cloud. It offers efficient ways to keep your data compliant using intuitive dashboards and admin tools. Learn more about how MortageWorkspace can make the mortgage process easier for your employees and customers by scheduling a call with us. 

 Schedule a Call

 


 



 

Topics: Compliance Cloud Mortgage Servicing Cloud Computing MortgageWorkSpace cloud storage

Cyber Security Trends Put You, Your Company, and Your Devices at Risk

 

Lock on keyboard

Staying on top of cyber security is one of the most critical aspects of protecting your business. That includes knowing about the latest scams and threats on the horizon. Whether you're protecting yourself, protecting your company, or protecting your devices, you need to know about the latest concerns in cyber security. 

Pop-ups and Scam Calls

Instead of sending out viruses that are likely to be caught by your firewall, many hackers are attempting to catch your team unaware. Pop-ups claiming they are able to "fix" computer problems that don't really exist are one of the most common cyber threats--and unfortunately, they're becoming increasingly savvy. Some are clones of your antivirus software, while others are specifically designed to look like Windows error messages.

Scam calls are also an increasingly common form of social engineering. In order to protect your business, your staff must have the tools to recognize scam calls and react to them appropriately. Without that knowledge, unknowing employees could accidentally release confidential client data or provide system passwords to individuals masquerading as employees. Protecting your company means ensuring that every employee is familiar with the potential for scam calls and knows how to react appropriately. 

IRS Taxpayer Scams

The recent tax season has seen a substantial rise in the number of IRS taxpayer scams. Even the most law-abiding citizen reacts to contact from the IRS with stress and tension. As a result, they're more likely to respond quickly and instinctively to threats rather than taking the time to think their responses through. Today's scammers demand information immediately, insisting that they're going to arrest the victim if they don't respond as soon as possible. They're offer refunds if the victim will simply provide them with necessary bank account information. Scammers frequently insist that payment be made immediately, rather than allowing individuals to set up payment arrangements or take the time to ensure the validity of the communication. 

Note that the IRS never contacts people over the phone. Instead, they'll use certified mail for their initial contact. They also allow citizens to take the time to ensure the validity of their claims and to set up payment arrangements for outstanding debts, rather than putting pressure on citizens for immediate payment. By remaining aware of these circumstances, you can help protect yourself and your employees against this common scam.

Petya Ransomware

Many business owners, managers, and directors are terrified by the rise of ransomware--and with good reason. Ransomware encrypts every file in your system, making it unusable until you either break the encryption and pay the ransom--and in some cases, even if you pay the ransom, hackers may not be able to deliver a "fix." The Petya ransomware attack, which is one of the latest waves of ransomware attacking businesses, encrypts the master boot records of Windows machines. This makes the machines completely unusable until the $300 ransom is paid or a solution is found.

In order to protect against Petya, it's critical that your antivirus software remain updated, as many companies have already released patches that claim to protect against it. You can also protect against ransomware breaches by ensuring that your computer has been updated through at least March 2017, when a critical patch was released that defended against the EternalBlue vulnerability. Petya, in particular, will not impact your computer if you have the read-only file C:\Windows\perfc.dat installed on your computer; however, this will not prevent your computer from impacting others on the network. 

Protecting yourself, your company, and your devices is a full-time job. If you need additional help with this critical process, contact us today to learn how we can help keep your protections updated and your company safer.



 

Topics: ransomware Petya ransomware cybersecurity

What Your Mortage Company Needs to Know about HOEPA

Home Ownership Equity Protection Act-1.jpg

Congress passed the Home Ownership and Equity Protection Act (HOEPA) in 1994 as an amendment to the Truth in Lending Act. The legislative intent was to tackle the abuses in the mortgage refinancing industry and with respect to home equity loans that charge high interest rates or high fees. Below is some basic information about loans and required disclosures you should be familiar with as a mortgage company.

Section 32 Loans

People often refer to these loans as Section 32 loans in reference to Section 32 of Regulation Z of the Truth in Lending Act (TILA) which put the law into action. The Consumer Financial Protection Bureau issued a final Regulation Z in 2013 which was effective for loans on and after January 1, 2014.

Types of Loans Covered by Section 32

Section 32 covers a loan if the Annual Percentage Rate (APR) exceeds the average prime offer (APOR) rate for a comparable maturity loan by:

  • 6.5% for first liens
  • 8.5% for first liens less than $50,000 secured by a manufactured home, or other personal property
  • 8.5% for junior liens

Section 32 also covers loans where the total fees and points are greater than:

  • 5% of the loan amount for loans of $20,000 or more, or
  • The lesser of 8% of the total loan amount or $1,000, for loans less than $20,000 (threshold figures adjusted annually).

The law also considers a loan a "high-cost mortgage" if that loan charges prepayment penalties 36 months or more after the loan begins or the account opens, or if the prepayment penalty exceeds more than 2% of the amount being prepaid. A prepayment penalty does not include "conditionally waived" upfront good faith third-party closing costs.

Section 32 loans apply to those for refinancing, purchase-money loans, home equity loans and home equity lines of credit with high rates or high fees. The rule does not apply to loans to build a home, reverse mortgages, loans issued by HFAs, or loans under USDA's Section 502 Direct Loan program.

What Happens if a Loan Comes under Section 32?

The lender who makes a Section 32 loan must make certain disclosures to the borrower no less than three business days before the loan process completes or the account opens.

The following required disclosures are in addition to the general TILA disclosures:

  • Written notice that the borrower does not have to complete the loan even if he's already signed the application and received the disclosures (borrowers have 3 business days after receiving the Section 32 disclosures to decide if they want to sign the loan agreement)
  • Written warning that the lender will take a mortgage lien on the home, that a borrower who fails to make the required payments can lose the home and all money put into it
  • Written disclosure of the APR, the payment amount. If the borrower has a variable rate, the written notice must state that both the rate and the monthly payment amount may increase as well as the maximum monthly amount

The final regulation provides, if the information in the disclosures becomes outdated or inaccurate, the lender must provide new disclosures and start a new three-day period. Consumers may waive the three-day period for a personal emergency.

The lender may provide the new disclosures by telephone -- if the consumer initiated the change -- and if (before the parties complete the loan agreement or the account opens):

  • The lender provides the new disclosures
  • The lender and consumer sign a written agreement with respect to telephonic disclosures

Abuses Are Banned from High-Rate Loans

The law prohibits the following features in relation to high-rate Section 32 loans:

  • Balloon payments generally; (Balloon payments generally mean a loan where the borrower's regular payments do not pay off the principal and the borrower must pay a lump sum amount of principal at the term end)
  • Prepayment penalties
  • Financing points and fees
  • Late fees if they are greater than four percent of the past due amount or late fees imposed before the loan is 15 days past due
  • Lenders must provide the borrower with a payoff statement within 5 days of the borrower's request (with fees restricted)
  • Fees to modify or defer the loan
  • Lenders may not recommend or encourage default

For home equity lines of credit, the lender must assess the borrower’s ability to repay. For closed-end home equity loans, the borrower must satisfy the requirements of the 2013 Ability-to-Repay Final Rule. Congress passed the ability to pay provisions under the Dodd-Frank Wall Street Reform and Consumer Protection Act. The final Regulation Z put these rules into effect.

Other Abusive Practices Prohibited by Section 32

Section 32 forbids lenders to engage in lending practices based on the property's collateral value without taking into account whether the borrower can repay the loan.

Home improvement loan dollars must disperse directly to the borrower (or jointly to the lender and the contractor) or to an escrow agent.

Remedies

A borrower who sues the lender for violation of Section 32 may recover statutory and actual damages, court costs and attorney's fees. The borrower may also rescind the contract for up to three years.

To delve further into the details on the final rules with regard to determining interest APRs and index, determining high-cost points and fees, as well as determining interest rate thresholds under the average prime offer rate (APOR) read Recent Changes to HOEPA. 

Topics: Compliance for Mortgage Companies

Leverage Your Cloud Software for a More Efficient Workflow

 

Mortgage-WorkSpace-cloud-solutions.jpg

Making the most of your mortgage software for an efficient workflow is an admirable goal. However, it’s not enough to have this goal; you have to know how to make it come to fruition. Read on to discover different ways to do this. But first, it’s important to understand the role of your software.

Mortgage Software

Your software should improve the borrower's experience when applying for a mortgage. It should also improve the efficacy of the your company’s internal operations.

Softwareor any tool you use—is not an added benefit to the mortgage process, however, if it adds unnecessary steps to the employee's workload and slows down the workflow.

We need it to meet the needs of lenders, including the demands imposed by the Consumer Financial Protection Board's regulatory schemes. When it is successful, mortgage software plays to the your company’s strengths. It fills in gaps where there would typically be deficiencies. And, perhaps most difficult of all, it predicts regulatory requirements.

Understanding Your Organizational Workflow

Learning how mortgage software can improve your workflow and how to select the right product requires an intense evaluation of the two processes that make up the workflow.

  • internal operations
  • borrower experience

Internal Operations

Each mortgage application has the same basic stages (although additional requirements may attach for specific loans). Organizations need to understand, by evaluating and analyzing the processes, how they operate in each of the stages described below:

  • pre-qualification
  • application
  • verification
  • processing
  • underwriting
  • closing

Managers probably have their own ideas of how their companies may improve the various stages. After all, it is not always a one-size-fits-all solution. It is important to evaluate these stages not only in terms of legacy processes but also in terms of how they might improve through the use of cloud technology.

The analysis of a workflow provides an opportunity to review compliance efforts and see where automation or cloud technology can help improve compliance. An added benfefit is that it may even save time and money.

A prime example is the three-day disclosure rule. A tool that automatically sends disclosure information within the three-day disclosure window may eliminate human errors (inconsistencies) and speed up the process at the same time. Cloud software applications may save time by verifying data provided by borrowers against aggregate databases.

Your analysis will show where you have bottlenecks, inefficiencies, and duplication of effort. When you look at the workflow priorities together with the organization's strategic goals, the type of software that works best for the organization will become apparent.

The Borrower's Experience

The digital mortgage is coming to the industry. For a business that has relied on face-to-face communication with borrowers and a significant paper trail, it may seem a difficult transition. There are, however, many ways that technology can improve the borrower experience. In fact, borrowers may move easier in that direction than lenders.

On-demand services in other consumer areas has led borrowers to expect faster service from elsewhere in their lives, including what is typically considered the largest purchase of a person’s life - home buying. The process will never match push-button, instant satisfaction like other consumer service areas, because of the compliance aspect. Technology, however, can help in two ways.

  • Transparency through on-line dashboards, mobile applications, and other self-serve features
  • Access to loan data through digitally managed and delivered documents, and a holistic view of their data helps borrowers feel they have a better handle on their loans

MortgageWorkSpace®

This powerful cloud-based portal from Access Business Technologies provides your teams the freedom from the paper chase that they want, but with the control they need over internal workflow and compliance processes. With Mortgage WorkSpace offers your company the abilities to manage documentation, software applications, devices and security all from within the portal. Additionally, it includes Office 365 Mortgage, giving you the advantages of Office 365 but built specifically for the mortgage industry.

To learn more about how cloud-based solutions can make your mortgage company more efficient, please contact us.



 

Topics: MortgageWorkSpace

3 Tips to Help Defend Your Mortgage Company from Cyber Threats


DataThreats.jpg

The digital threat landscape for mortgage companies is enough to unnerve the most stalwart IT professional. Reviewing threat alerts is part and parcel of asking yourself the question, can you defend your mortgage company from ALL of today's threats? Well, we're here to help. Here are three tips that might just aid you on your way.

  1. Be Proactive When it Comes To Your Company’s Data

Today's mortgage companies do more and more business online. To monitor your company’s IT security means monitoring multiple platforms of threat alerts. On an ongoing basis, mortgage companies need to be diligent with understanding the following as they relate to your everyday operations:

  • Viruses
  • Malware and Ransomware
  • Websites and IPs to whitelist/blacklist
  • Updates for apps
  • Security alerts for O/S
  • Scams (which often result in all of the above)
  1. Know What Cyber Threats are Out There

A sophisticated malware campaign that threatened company IT networks with multiple intrusions has been doing so since April of 2016 . These cyber criminals have stolen administrative credentials, certificates, and then made multiple implants of several types of malware that attack critical IT systems. The campaign targeted multiple victims across multiple sectors. Depending on what security defenses are in place on a targeted organization's networks, the cyber criminals may gain full access to the organization's network, including the data stored there.

Additionally, because the malware uses stolen administrative credentials, a target's monitoring toolsput in place to protect its networksmay view the intrusions as coming with authorized access. This will unfortunately circumvent security protocols, as the incoming threat will not be recognized as such. What’s the moral of this story? If you’re going to have tools, make sure they’re smarter than the threats that can trick them.

Sectors targeted include Information Technology, Energy, Healthcare, Public Health, Communications and Critical Manufacturing. While these are some of the more commonly affected industries, no industry is truly safe.

The United States Computer Emergency Readiness Team issued Yellow Threat Level Alert (TA17-117A) with respect to this particular campaign.

  1. Understand and Use the Right Tools for Your Business

The following tools are available to help fight malware intrusions.

  • MXToolBox. This internet tool allows you to identify the domain name if you know the IP address (known as reverse lookup). Reverse lookup means you can find websites from the known IP addresses of intruders. You can also do a forward lookup to find the IP address from a particular domain name.
  • ForcePoint/WebSense: This company specializes in computer security software that helps protect data and networks from attacks inside and outside the organization, in the Cloud, and on mobile devices.
  • Webroot: Manages endpoints (computer, mobile devices, printers, POS terminals, etc.) anywhere, anytime, online. Delivers threat data in real-time. Continuously collects data, analyzes it, and makes correlations.
  • Software Restriction Policies: Software Restriction Policies are trust policies developed by the network administrator that keep scripts and codesthat the administrator finds not entirely trustworthyfrom running. Software Restriction Policies integrate with Microsoft's Active Directory and Group Policy. Administrators may use Software Restriction Policies to create highly restricted configurations on computers that only allow certain applications to run.
  • Intune: Microsoft created Intune to manage mobile devices, mobile applications, and to manage PCs from the Cloud. Intune keeps corporate data secure while allowing an organization's employees to access the data anytime, anywhere, and from almost any device.
  • Sonic Wall: Sonic Wall is a powerful firewall security tool. It protects networks against viruses, spam, spyware, intrusions, and various other threats. It scans and inspects all the traffic in the network using deep packet technology (that is, looking at the data part of a packet when it passes an inspection point). Designed to protect many kinds of businesses from retailers to organizations with branch offices, from medium-sized organizations to large enterprises.
  • Sonic Winds: Sonic Winds has a line of products that help manage networks more efficiently, including security and compliance products, such as its log and event manager, to quickly identify security incidents. Sonic Winds also creates reports that make regulatory compliance a breeze.

Remember the recent WannaCry ransomware attack? Experts can all mostly agree that being proactive with your threat management is the best way to avoid threats. Also, having tools in place create a far more ideal outcome for your company than waiting for an attack to happen and then doing something about it.  

To find out how ABT can help your mortgage company put up the good fight against the seemingly endless security threats, contact us. ABT has many recommended practices in place, such as website filters, app whitelisting, password policies, account control (limited admin access for users), workstation management (DeviceGuardian™ for major clients) server patching, change control, and network firewalls. Having ABT's Mortgage Technology Experts on your side helps you leverage all of their tools. ABT has over 50 years of IT management in the mortgage sector and we will help secure your mortgage company beyond the banking standard.

 

Topics: ABT

Why Archives are Important for your Mortgage Business

WhyArchivingIsImportant .jpg

What image comes to mind when someone mentions archives? Dusty file cabinets in a basement or buried and mislabeled folders on your desktop are two common ideas of what archiving is. There is much more involved with archiving than meets the eye. First of all, an archive is more than a backup. It has to meet three requirements to do its job:

  • Availability. It has to be in a form that makes it easy to recover needed information. A disorganized pile of records isn't an archive, whether it's physical or digital. The design has to meet the business's future needs. This means anticipating the kinds of requests people will need to make. The home mortgage Records Retention Program requires retaining some kinds of information for years and reporting it.
  • Security. Mortgage files contain sensitive personal information. Letting it into the wrong hands can lead to serious liability. The FTC's Safeguard Rule requires financial institutions to protect consumer information, and it defines “financial institution” broadly. Malicious alteration or deletion can make an archive useless. Only authorized people should have access, and they should have only the access they need to do their jobs.
  • Permanence. It's often necessary to keep records for years. They have to last longer than any particular storage device. They will need to be readable in the future, regardless of any changes in software. Avoiding “data rot” requires good design from the start. An archive needs ongoing maintenance to make sure nothing quietly becomes unusable.

How does this apply to your mortgage business? Keeping mortgage-related data safe and readily accessible is essential for smooth operations. A complicated array of legal requirements mandates data retention. Fannie Mae requires permanent mortgage records, along with long-term retention of other documents. You may also have an obligation to maintain records relating to credit decisions.

It generally isn't necessary to keep hard copy records, as long as all required information is available in a digital form. Keeping information in electronic form saves space and — when properly maintained and backed up — is safer from physical damage.

Keeping Data Available and Secure

Keeping data available is tricky, because it can’t just be open to everyone. The same applies to security, in that while being safe is good, it still needs to be accessible, or otherwise it’s useless. The requirements pull in two directions. It's necessary to retain information and report it when required by law, but it's equally important to keep confidential data out of the wrong hands. Doing everything right isn't easy. Consider hiring professionals to manage your data for you.

With the cloud-based platform EmailGuardian from Access Business Technologies you can archive internal and external emails in a highly secure archive and keep data safe for all current and future employees. When shopping around for companies to handle your data, the following shoud be considerations. 

  • Attachments are secure 100% of the time with encryption, password protection, and custom expiration dates
  • Large files are archived according to retentiion policies
  • File audit tracking is easy, from a central administration console
  • Data Leak Prevention ensures compliance with corporate policies
  • A complrehensive set of eDiscovery and compliance features can be applied to all data

Data centers around the world keep information like this safe against any single point of failure. Users can view archived mail directly from Microsoft Outlook, and they can set retention rules to control what's archived and what's deleted.

ABT data centers offer Azure-based cloud backup and archiving. This approach reduces the amount of time you have to spend maintaining your archive and protects it against on-premises disasters. Scaling the archive as your business grows is easy. Retrieving stored data is straightforward.

Data Safety

A reliable archive provides multiple benefits. It allows your mortgage business to always be prepared for the unexpected. If your office sustains damage from a natural or man-made disaster, or if the employee who “knows everything” leaves, archived information is your way to continue operations as if none of the above happened.You and your clients can't afford to wait for you to recover data from a myriad of possible locations when it comes down to it. Keeping your data safe from physical breaches shouldn't be your only concerns. Bottom line - properly archiving your information allows it to be available when you need it, and where you need it, regardless of outside factors. 

Data drives business nowadays. When everything necessary is securely archived, it isn't necessary to rely on memory and guessing or to waste time searching different collections of records.

Aside from unpredictable disasters that can set you back, your business needs to be confident with all of its legal compliances. When you need to provide data for an audit or any other time, your data needs to be there. Archiving in the mortgage industry is more important than it is in many others due to the legalities, duration, and complexity of the information that is shared. Using the right products to manage your company's data could make the difference in whether you stay in business for years to come. 
Topics: Access Business Technologies

Why You Shouldn't Ignore Security Updates for Your Devices

Security Updates are Important for DevicesDid you know that 98% of cyber attacks can be stopped simply by keeping your devices up-to-date?  Our lives seem to be moving faster as we advance our technologies. Sometimes, we don’t like to even stop for the most minor of tasks. For instance - that notification about the need to update your mobile device that you find a little annoying. And then you do what most people do - ignore it. You know it’s inevitable and has to be done, but you just keep swiping to delay it because now just isn’t a good time. Don’t let that one-day delay turn into an eternity or you might be in for an unpleasant surprise.

Furthermore, these updates aren’t exclusive to your smartphones. Your tablets, laptops, desktops, browsers, and even certain types of software need to be updated at regular intervals. Let's explore why you should keep everything up to date, on your iPhones and beyond.

With all Apple products, there are security vulnerability updates across the spectrum of its products. Even if your devices are running fine now, don’t ignore these. Additionally, remember to update you iTunes on your Windows desktop and laptop computers.

Did you know that there is a feature on most of today's computers that will automatically keep your their software up to date? If you run a Windows-based machine, it's as easy as going to Start>Control Panel>Automatic Updating. If you operate a Mac computer, you can go to the "Apple Menu" and select "Software Update." Under the "Schedule" tab, make sure to click "Check for Updates" and "Download Updates Automatically."  Or better yet there are tools that make it easy to keep ALL your employee devices up-to-date easily.

Why is keeping up to date such a big deal? Software manufacturers are endlessly fixing bugs, updating drivers for new devices, and making improvements on the software that you use every day. Updating your system will improve the reliability, security, and speed of your computer or handheld device.

As we mentioned above, the most important reason to keep your devices updated is security. There are vulnerabilities in almost all software systems; it’s not a matter of if, but when, someone will figure these out. Did you know that companies, such as Google and Apple, actually have employees whose jobs are to hack into their own operating system? Their objective each day is to discover and address their own system weaknesses before cyber criminals do.

Sometimes an update will indicate what it will fix or improve a function. Usability and add-ons are often included, but they aren’t the most important reason to update your devices. So just because they don’t always come with cool or exciting “improvements and bug fixes” you still need to set to make it a regular habit to update sooner than later. The idea is to make your operating systems or software difficult or impossible to be hacked into, which in turn might make your personal information vulnerable to cyber thieves.

And while we are on the subject of staying up to date with technology, make sure that your antivirus is consistently up-to-date.

Mac users, you may not need to worry about antivirus software as much as Microsoft users. This is because only 10 percent of all computers are Macs, making Macs an unlikely target for viruses, as there aren't as many out there.

Microsoft users, you need to be strong in your antivirus game. Like your computers, most antivirus software has an option for automatic updates.

If you’ve never experienced a catastrophic device failure or data breach, consider yourself lucky. However, know that the statistics for cyber criminals are only growing:

The best way to protect your company’s data across multiple devices--work or personal--is with the DeviceGuardian™ tool from Access Business Technologies.  DeviceGuardian is specifically designed for the kinds of updates needed in the Mortgage Industry.This automated powerful product allows mortgage company employees to use their own personal devices for work while keeping company data secure and compliant with the Consumer Financial Protection Bureau. It works easily on all existing and new devices, and is just one more surefire way ABT can manage all security updates so your mortgage company is protected from pervasive and ongoing cyber threats.
Topics: Access Business Technologies

Disaster Recovery: How Long Can Your Company Survive Without Being Able to Operate?

Your business can implement the most sound measures to prepare for every eventuality and still be sidelined by a disaster beyond anyone's control. Some of these are human in nature -  mistakes from your IT specialists, crashed systems, team miscommunication. Others are completely unpredictable such as, natural disasters, power outages, and more. Disaster recovery helps you prepare for those frustrating occurrences by providing a clear, concise plan of action to follow in order to maintain, or recover vital business processes, even in the midst of an outage. This subset of business continuity is critical to your overall plan to maintain your IT functionality and stay in business.

If Your Technology Isn't Functioning, You're Hemorrhaging Money

Every minute that your employees are unable to work is costly. Not only are your salaried employees still receiving pay whether they're able to work or not, you're missing out on potential business. And, the longer it takes you to get up and running again, the more business opportunities will right past your company and on to your competition. Furthermore, there's the cost of lost data, machines that have been destroyed, and the technical manpower necessary to bring it all up again. In short, not being able to recover from a disaster can equate to a financial disaster.

Creating Your Disaster Recovery Plan

Think through the most essential technology at your business. This might be software or other vital programs that you can’t do business without. Are your employees reliant on an internal network that contains important business data, or can they function smoothly from their laptops while you focus on bringing up other systems? Make sure that your disaster recovery plan includes:

  • Contingency plans for the various subsets of your technology that could go down, such as, loss of your data center versus a natural disaster that temporarily knocks out power at your business's primary location.
  • A smooth plan of action for every member of the team, including who is expected to complete certain specific responses and at what times. This will prevent too many people from trying to do the same tasks, while other tasks are left unattended.
  • A plan for restoring your most important data, should it be lost due to human error or disaster. This might include where your backups are kept (ideally offsite from your primary business location) or how they will be restored in the event of a disaster.
  • A full inventory of all your vital systems that will enable you to quickly and smoothly replace the hardware your business needs in order to function smoothly.
  • Full backup of all your software, data, and apps so that no matter where you are, you can flip a switch and continue to run your business as if no disaster has occurred.

In certain areas of the country you might know when certain natural disasters are more likely to happen, such as tornadoes in the Midwest or hurricanes on the East Coast. Even with this, your business should be prepared for anything to happen at any time, whether natural or manmade. By developing a clear, concise disaster recovery plan with elements for all contingencies, however, you'll discover that you can have your business running smoothly again in no time.

The Benefits of a Disaster Recovery Plan

If you've had the attitude in the past that you would deal with a disaster when and if it arrived, it's time to change your perspective! Proactively developing your disaster recovery plan now--when you aren't in trouble--has a number of benefits for your business.

  • You retain higher levels of customer trust, since they know they can count on you even in the event of a disaster
  • You're able to get your business up and running again fast, rather than fumbling around for a solution
  • Everyone on your team knows what's expected of them in the event of a disaster
  • You're able to keep your business running from anywhere, loading all of your vital software and data to another location just by flipping a switch.

Businesses that aren’t actively operating are not in business, which means lost revenue and high amounts of stress for your personnel and clients. A solid disaster recovery plan will help minimize or even eliminate your downtime.

At Access Business Technologies, we use Amazon and Microsoft Azure's cloud technology, among our own data centers in two different locations. This means that if one goes down, you're able to continue to access your data from the other site. We also harness the power of Microsoft's business continuity program, which allows you to quickly and smoothly transfer the processing power needed for many of your applications in the event of a disaster. If creating a disaster recovery plan seems like a daunting task or you want to see if yours is viable, contact us to learn how we can help with our suite of versatile cloud services.
Topics: Access Business Technologies ABT Data Centers disaster recovery

Ransomware Alert: Don't Become a Victim of WannaCry Malware!

 

Ransomware Alert: Don't Become a Victim of WannaCry Malware!

You may have heard by now about the huge--global in scope--ransomware attack that happened May 12th and endured for three days into the following week. It's the largest ransomware attack to date, and has caused quite an uproar in the business world, disrupting and even dismantling some operations. What determines the severity of this attack, and others, for individual organizations? Vulnerabilities. If you don't want to become a victim of WannaCry malware--and nobody should--you need to learn more about the malware itself, and prevention methods. Let's start with a bit of background on WannaCry.

What gave birth to WannaCry Ransomware?

Cyber security experts point the finger at the National Security Agency (NSA). The NSA apparently discovered the vulnerability in Microsoft Windows operating systems some time ago and kept the information secret so it could exploit the vulnerability for its own intelligence activities. Earlier this year, a group calling itself ShadowBrokers leaked the code for NSA cyber spy tools, including NSA's hacking tool called EternalBlue, online. It didn't take long before cybercriminals were at work creating WannaCry ransomware. Once the infection got started, the trojan virus infected a certain number of computers and then began to spread like wildfire using the vulnerability in the Windows Server Message Block to infect other computers on the same networks and then to connected networks.

Are all Windows operating systems at risk?

When Microsoft learned of the vulnerability, the company created security patches for all the updated operating systems which it released this past March. For those computers who update their operating systems through Windows Update automatic feature, the vulnerability no longer is an issue. Users can also manually update the security patch. Consider yourself fortunate if you did this.

Before the attack, the problem still was an issue with respect to legacy-operating systems Windows XP, Windows 8, and Windows Server 2003, which are no longer supported by the Microsoft security patches. However, after the attacks were discovered, Microsoft made security patches available to those legacy systems. Users who run one of these legacy systems and have not installed the security patches, should do so immediately, and of course, from a secure server.

A Serious Global Issue

How many computers are we talking about? Within a few hours of the attack the virus affected more than 100 countries and infected more than 200,000 computers. Unlike most viruses, WannaCry did not seem to rely on emails for the initial contact. It does appear that the virus propagated itself once it invaded a certain number of computers and did not rely on users to click on an email.

Where was the attack centered?

Russia and China were hardest hit. Russia's infection spread to 1,000 computers in its Interior Ministry as well as banks and mobile phone systems. In China, however, the virus infected more than 30,000 computers, many of them universities. China is vulnerable to cyber attacks because it encourages the use of pirated software.

The virus infected Federal Express here in the United States in the initial attack but the virus does not appear to have affected any U.S. government systems. The virus attacked telecommunications systems and gas utilities in Spain and France's Renault automobiles had to stop production.

What was the ransomware demand?

The demand and payment make this attack interesting. The virus encrypted files and then sent a screen message demanding $300 worth of Bitcoin. If the ransom remained unpaid after three days, it increased to $600 worth of Bitcoin. After seven days without payment, the ransomware threatened to destroy the encrypted files and all data would disappear forever. Researchers found only three Bitcoin wallets with a total of only about $50,000 in payments. For such a widespread attack, these numbers are quite low. Security experts say the attackers were not set up very well for Bitcoin payments.

Protecting yourself against ransomware

You've heard most of this advice before but it still holds true, and more so when attacks like this occur. Know that they will continue to happen, so just because you weren’t attacked this time, doesn’t mean you won’t be vulnerable in the future. Cybercriminals are often intelligent and quite sophisticated with their attacks, often upping the ante from any previous large-scale ones. You might be familiar with the following, but all across the world people still do these:

  • Don't click on emails if you don't recognize the sender. It’s simple. Just don’t do it.
  • Do not click on unknown attachments. Curiosity gets the best of us, but don’t let it dismantle your entire organization.
  • The same is true for links in emails. They aren’t harmless, and even when they are in an email from a familiar email address, check it!
  • Enable your Windows Update function so that all security patches update when released. This way you won't forget to do it.
  • Perhaps most important of all is to back up files on a separate server from the main computer. Consider backing up to the cloud or using an external drive that unplugs when not in use.
  • Users of legacy Windows operating systems may want to consider upgrading as soon as possible since they are longer supported by Microsoft patches.

Depending on your business type--some are more often targeted--the above will only help limit some attacks. Don’t be that business that thinks you won’t be targeted. Your operating expenses should have a high-priority line item for this type of protection. Why? If your business is severely impacted, nothing else will matter. If you don’t have the manning or systems in place now, consider a cloud-based solution, such as DeviceGuardian™ that can easily be installed on any existing or new devices. This allows Access Business Technologies to securely manage all of your mortgage software, data, and users. The best part of this is that ABT takes one of the most important aspects of your business off your plate, efficiently and effectively managing your data security  without skyrocketing your company’s expenses.  

In other news of the when-it-rains-it-pours variety, DocuSign confirmed today that hackers maliciously accessed a separate non-core system and stole more than 100 million email addresses from the company - only email addresses. The hackers took no personal information or addresses. Just another indication, however, that everyone needs to stay vigilant. Cyber criminals make a living off of your vulnerabilities.

As mentioned earlier, even if you weren’t attacked this time around, it doesn’t mean your company’s backend won’t be targeted next time. To find out how to protect your company from making negative headlines like DocuSign and FedEx contact us. ABT has an internal department that monitors all viruses, scams, malware, ransomware, cyber-attacks, etc. We work closely with hundreds of Microsoft IT security team members and have developed a cyber-security solution that we have successfully executed for more than 500 mortgage companies, banks, and credit unions.
Topics: Access Business Technologies cyber security data security malware

Trump Administration’s Long- and Short-term Impacts on Housing Market

 

Trump Administration’s Long- and Short-term Impacts on Housing Market

The Long- and Short-term Impacts of Trump’s Housing Market Policies

Each time a new administration comes into office--whether the same political party or not--there will always be changes. Political leaders are not elected because they support the status quo, but generally because they want to shake things up. Their policy changes can often shift an entire economic sector, such as the housing market. President Trump’s new policies are already changing the borrowing and lending of mortgage funds.

As with political processes and policymaking in any country, some people will benefit and some will lose. There will never exist a one-size-fits-all policy. Here is what U.S. residents can expect going forward with Trump administration's changes/policies regarding housing.

Upholding the FHA's Annual Mortgage Insurance Premium

Lowering the mortgage insurance premiums is part of what Obama had been focusing on toward the end of his administration. Some low-income citizens, looking to purchase a home, were hoping to benefit from the enactment of that policy. However, the Trump administration has decided to suspend the mortgage premium fee reduction. What does this mean?

Short-term impact

  • When the Obama administration announced its plan to decrease the annual mortgage rate in early January, many lower-income individuals signed up, which caused a spike in FHA applications. With the premiums no longer being offered at a lower rate, many of these requests will either be withdrawn or rejected.
  • There will be fewer new FHA order applications as well as fewer FHA refinance applications.
  • The fee reduction, for FHA-backed loans, would have cut 0.25 percentage points of the total amount borrowed. Savings for Americans with a $100,00 mortgage would have been about $250, and for a $200,000 mortgage it would have equated to about $500 in savings each year. With the suspension of this fee cut, new homeowners will have to find other ways to save.

Long-term impact

  • The overall cost of owning a home will increase.
  • After a pullback of the housing market rates during Obama’s presidential terms, mortgage rates are expected to rise.
  • Affordability for low- to mid-income individuals and couples will decrease over time as the housing costs rise alongside housing demand.
  • Suspension of the rate cut of the FHA is indefinite, which may eventually help the FHA due to higher premiums and higher demand for housing.

Controlling the Consumer Financial Protection Bureau (CFPB)

Reformation of Wall Street practices is part of the reason the Consumer Financial Protection Bureau was created. The aspect of independence of this agency begs many ongoing questions. With the CFPB under the control of the new administration, its agenda will be determined by the decisions of current policy makers.

Short-term impact

  • Currently, there are claims that the body is unconstitutional. Even so, the president exercises control over the agency. The CFPB will not be used in the same way it was during the Obama administration, and as such, it may not act as an independent regulatory body.

Long-term impact

  • The issue of legality of the CFPB remains a court case at the moment, even as Trump's administration exercises power to control the housing sector through this body.
Home ownership has long been a part of the American Dream. While some critics believe Trump’s changes to housing will only make this dream more challenging for some, there are others who believe this cut will benefit taxpayers in the long run, especially if the country experiences another housing market crash as it did in 2008. Trump’s order to suspend the fee reduction will not affect current mortgage holders from making their existing payments, but it might prevent some people from taking the leap into home ownership. It’s important to note that even with a new administration and different policies put in place, there are other factors that affect the markets. For housing, this will always be tied strongly to supply and demand, home interest rates, and inflation.
Topics: FHA Trump Administration Housing Market Mortgage Lending