<img src="http://www.mon-com-net.com/58465.png" style="display:none;">

Mortgage Software Solutions Blog

Easing Mortgage Customers’ Concerns About Giving Out Private Information

easing-mortgage-customer-concerns.jpgIn order to apply for a mortgage, borrowers must turn over some very personal information. So it comes as no surprise that many borrowers are concerned with the security of their mortgage lenders’ networks.

What will happen, they wonder, if a hacker does come after your company? Are you an easy target, or do you have the security in place to keep their vital financial information from being stolen?

When you have the best tools and security systems in place for your mortgage company, you can ease your customers concerns and make it easier for you both to sleep at night.

DeviceGuardian™ Protects Every Device Used by Your Company

Chances are, users throughout your company are using their own devices to access the company’s network, applications, and files. With device management software like DeviceGuardian™, every device is protected—no matter when or where it’s being used. You don't have to worry about whether private customer information will be stolen from an employee's phone, tablet, or laptop when DeviceGuardian™ is there, keeping a virtual eye on every aspect of your security.

Security Built for Mortgage Companies

There are plenty of security companies out there that provide hosted IT services for a variety of organizations. Those security companies are great, but they aren't focused on the threats that are specific to your industry.

When you use Access Business Technologies’ cloud IT services, you can reassure your clients that their private financial data is being protected by a security company that knows the mortgage industry just as well as you do—and that we're taking the steps necessary to ensure their privacy.

The financial industry requires a high level of security compliance in order to ensure that every device and every customer is protected. We're here to rise to the challenge, creating confidence in your borrowers that their information will not be stolen from your system.

Safer Emails That Protect Every Communication

Emails containing private details of your borrowers' finances pass through your system every day. If your borrowers are leery about sharing that information through email, you can offer them the reassurance that your email security is in full compliance.

You aren't working with a company that has a generic security solution for every business. Access Business Technologies offers email compliance guarantees specifically for financial institutions. That means that your email is automatically encrypted, providing an additional layer of protection for all of your customers. It's also immediately archived, which means that if you need to check back over previous discussions, that information is right there for you to view.

24/7 Support Means You're Always Protected

Security threats can arise at any time of the day or night. When it comes to information security, however, response time matters. When you use Access Business Technologies, you have 24/7 support that will provide fast answers in the event that your site is compromised.

Security isn't just about protecting against threats; it's about how you respond when a threat occurs. Let your clients know that if you are hacked, your business is prepared to respond quickly and efficiently. We'll know right away if a threat does occur, and we'll be ready to answer that threat as soon as possible.

Security across every device you use, from the phone or tablet in your hand to your desktop computer or even the cloud, is a critical part of ensuring your customers' security. At Access Business Technologies, we provide the high level of security that's necessary for a mortgage company to reassure their customers and themselves that their private information will be kept private.

If you're ready to start easing mortgage customers' concerns—not to mention soothe your own—contact us today to learn more about the security help we can offer your business. Your borrowers need security. We're here to provide it.

Learn More

Topics: DeviceGuardian data security

Cerber Ransomware Poses a Huge Risk for Mortgage Companies

cerber_ransomware_.jpgInternational criminals are cyber-attacking American companies at unprecedented rates. Worse, many victims don't even announce they paid money to these gangsters, so the FBI doesn't actually know the precise numbers. However, the threat undoubtedly continues to grow.

Mortgage companies need to protect themselves now, before these criminal hackers use the latest sophisticated software program, called Cerber Ransomware, together with NSA-level, unbreakable encryption, to hold your company's data for ransom. This includes personal financial information on your customers.

How many of your customers would be upset to discover you allowed foreign cyber criminals into your firm's database?

Don’t let your mortgage company be another victim of ransomware. Here’s what you need to know about Cerber ransomware and the risks it poses to your business.

What is Cerber Ransomware?

Ransomware is a form of software virus that infects your computers and networks. It encrypts all your data files, then tells you they will remain encrypted until you pay the hacker in bitcoins. Cerber is the latest version.

What’s Different About Cerber?

First, Cerber talks to its victims. After it has completed encrypting all of your documents, pictures, videos, archives, audio files, and backups with a strong AES 256 algorithm that, so far, cannot be decrypted, it changes the original file extensions to .cerber. It also encrypts the file's name.

Then, it puts three files on your desktop: a .txt file, an .html file, and a Visual Basic Scripting file. They contain the same basic message, telling you about how to send the bitcoin ransom they demand in return for a decryption key. The VBS file actually speaks the message. If you fail to pay the original amount demanded in seven days, the ransom doubles. The program includes a timer in case you lose track of the time.

Secondly, Cerber comes from a website in Russia where it's sold as Ransomware as a Service. That means the criminals don't even program their own viruses. They just rent it from the real programmers, who receive a percentage of the money it brings in.

Thirdly, at the bottom of the message, it adds in Latin, "Quod me non necat me fortiorem facit," which is a famous quote from the German philosopher Friedrich Nietzsche. In English, it translates to  "That which does not kill me makes me stronger." Who knew Russian cybercriminals were so interested in motivational quotes?

Ways to Defend Yourself Against Cerber

This article offers a variety of technical ways to set up your network to defend yourself against Cerber and other ransomware. Note what the fourth expert says: Cerber spreads through macro-enabled Microsoft Word documents attached to email.

Businesses should require their employees to use only the default macro setting. That is, the user must actively allow the macro to run. If the user refuses to allow the macro to run, the macro cannot install Cerber. And, of course, nobody should open any file attached to an email if they don't know the email's sender.

Bleeping Computer has a lot more technical information about Cerber in this article, but unfortunately, there is still no way to decrypt files without paying the ransom.

One of the commenters at the end of the article said they got infected with Cerber through Craig's List. They received an email from someone replying to their post about a job.

Also beware of peer-to-peer networks such as Torrent. Be certain any software you download is only from trusted sites, and do not click on links in spam emails.

Ransomware is becoming a greater threat than ever, according to Computerworld. Many companies pay up, then shut up to avoid the embarrassment and bad publicity. Therefore, their incidents don't show up in the FBI statistics.

Access Business Technologies Can Help

Cerber ransomware is a threat to everybody, and it's especially serious to mortgage companies. They have access to money, but don't have the IT staff and equipment to protect themselves from ransomware and other data breaches major banks can afford.

However, DeviceGuardian™ from ABT protects and secures your data and ensures your mobile security at the device level. It makes all the hardware that accesses your network compliant with Consumer Financial Protection Bureau regulations. ABT provides 1Tb of backup data per user. This is important because having a backup that Cerber ransomware cannot reach is an essential part of your defense.

Access Business Technologies’ mortgage company security services provide full virus and malware protection, as well as mobile management software, to protect businesses and their customers and ensure complete security compliance. Contact us today to learn how to protect your company from the huge security threat Cerber ransomware poses.

Get Started

Topics: DeviceGuardian ransomware

Why Hard Drive Encryption is Important for Mortgage Companies

Hard_drive_encryption_.jpgIs your mortgage company encrypting the hard drives of the devices it uses to conduct daily business? Here’s a better question: Could your mortgage company withstand the potentially catastrophic fallout that would occur if a computer containing confidential client information was stolen and fell into the wrong hands? What about the regulatory repercussions and lack of customer confidence that such an event would cause?

Implementing hard drive encryption today could save you from potential disaster tomorrow.

The Importance of Protecting Your Data

Securing your computers with passwords or behind locked doors is not enough. Passwords may stop an unauthorized person from logging into one of your computers, but it will not stop them from stealing the entire computer. Once they have the computer, accessing any file on your hard drive is easy. Anyone with the right knowledge or tools can bypass the operating system security and access the files directly.

Consider for a moment what kind of confidential information your mortgage company gathers on its clients: social security numbers, birth dates, addresses, employment history, and credit history. Now, imagine if all that confidential data was stolen. In the right hands, this data could lead to hundreds of thousands of dollars in financial losses to your customers, and to your company.

Identity theft is serious business, and keeping your client data safe from theft is a serious part of your business. This is why mortgage industry regulators strongly recommend that mortgage companies encrypt the hard drives on all computers used to handle client data.

How Much Encryption is Enough?

Encrypting specific files or types of files is a good start. Unfortunately, due to the way in which computers access and handle data, anything short of full drive encryption is simply not enough.

Encrypted files on an otherwise unencrypted drive must be unencrypted on the fly by the operating system. These files, or pieces of them, are then stored in an area of the hard drive known as the swap file for easy access and editing once they are opened. For example, if you have ever used the undo function in Microsoft Word or Excel, it is the swap file that makes this possible.

Files and pieces of files in this area of the disk may linger for a considerable amount of time, leaving them vulnerable to access by anyone who can get to the unencrypted part of the file.

The unencrypted part of a partially encrypted drive can also be used as a sort of “back door” to access and circumvent the encryption. This vulnerability can be easily exploited by a fairly inexperienced person with the right software tools.

It is for these reasons that mortgage industry regulations now require businesses to use full disk encryption of all data on laptops and other devices. As such, full drive encryption is the only real option to both protect your confidential data and maintain full regulatory compliance.

Drawbacks of Encryption

Unfortunately, this level of security does come at a cost and with considerable risk.

There are a number of ways you can permanently lose access to the data on your computer or effectively ‘brick’ your computer during or after encrypting the drive. For instance, if you suffer a power outage or system failure while encrypting a drive, you will almost certainly lose the data on that drive. If you lose or forget the password that you used to encrypt your drive, you will be effectively locked out of your drive. If the encrypted drive becomes damaged or the data becomes corrupted, you can also permanently lose access to your data.

We Can Help

ABT can help you avoid those potential pitfalls while assuring your customers—and regulators—that client data at your mortgage company is being protected by a state-of-the-art security solution.

Our DeviceGuardian™ PC and Device Protection technology will ensure mobile device management for all of your computers and mobile devices. We make sure you are fully compliant with Financial Protection Bureau (CFPB) regulations by providing cutting-edge enterprise security and data encryption to protect your sensitive client data.

ABT is your one-stop IT provider with the specialized services and 24/7 support you need to take your mortgage company to the next level.

Contact us to today to discuss the many ways we can manage your specialized IT needs.

Learn More

Topics: DeviceGuardian encryption

ABT's Recommended Physical Device Security

ABT-recommended_physical_device_security.jpg

More than ever, people in the mortgage business are relying on mobile devices to stay competitive. They need to stay in touch at all times and provide quick responses to their customers. Smartphones and tablets can be taken anywhere and give users an edge to help them stay competitive.

Unfortunately, devices that are easy to carry around are easy to carry away. Thieves made off with over 2 million smartphones in 2014. It's not just the loss of the device that's the problem, but the data that's on it or that a thief can get at from it. Letting a criminal view the company's business records or send emails impersonating an employee could mean major trouble for your mortgage business.

pMobile phones also face distinctive data security risks. Protecting your mobile device involves four areas: keeping it safe from theft, preventing thieves from using it, dealing quickly with theft if it happens, and observing good physical device security practices.

1. Preventing Theft

Keeping a tablet or smartphone out of the hands of thieves simply requires exercising common sense. Here are some tips:

  • Label your device with contact information. Engraving is best, since it won't come off and makes it harder to sell.
  • Never leave a device in a car, or at least make sure it's well-hidden. Smashing a window and grabbing any loose items is too easy.
  • Never let it out of sight in a public place. Keep it in your pocket or purse when you're not using it, so you don't carelessly walk away from it. Make sure it's still on you when you leave a place where you were using it.
  • If you use it in a crowded place, be alert for pickpockets after putting it away.
  • If a stranger asks to "borrow" your phone for an important call, say no and walk away.
  • When you're charging it, make sure it's in a safe place. Leaving it on your desk at work may seem safe, but if a customer can walk by and snatch it, it's not a great choice.

Note: You need to be equally careful with USB flash drives. They're small and easy to forget.

2. Preventing Unauthorized Use

You can encrypt your device so that no one else can use it without the password. Even the FBI has trouble breaking into encrypted phones, as we've learned from the news. Infoworld offers a guide on encrypting iOS and Android devices. On Android, encryption isn't the same as password protection; make sure to enable both. Also, encrypt any flash drives that might leave the office.

Additionally, you can set the interval at which the device asks for your password; make it five minutes at the most, or require it every time you turn the phone on for maximum security. Use a password that's hard to guess; "1234" is as good as no password at all.

Good security comes in more than one layer. If someone does manage to activate your phone, you want to suffer as little damage as possible. Don't set your applications to log in automatically without a password. That may be convenient, but it can also be dangerous. Setting a single master password is fine; just make sure it's a strong password.

Keep the amount of sensitive information stored on your device to a minimum. Delete old records that you no longer need.

3. Data Security

Mobile devices face some special risks that desktop computers aren't as vulnerable to. Connecting to an unknown wi-fi hotspot can expose the device to spoofed connections and password theft. When you download an application on impulse, you might get something malicious with it.

Before you click, think about whether you really need that application and about how confident you are in its source. If you download a store's app, the store management probably has only the best of intentions, but the developer might have been sloppy and left serious security holes in it.

If It's Lost or Stolen

You can set up your phone or tablet so that you can erase it remotely if it's lost or stolen. The device has to be on the internet for you to do this, but if it isn't online when you issue the command to erase, it will erase itself the next time it goes online.

Android offers several actions you can take, so you can make sure the device is really gone before erasing it. The Android Device Manager lets you make it ring at full volume, even if you had set it to silent mode. If you just left it in your other coat, that option can save you from unnecessarily wiping your device. If it's really lost, you can perform a full reset, wiping out all your phone or tablet’s data and applications.

Apple offers a similar feature for iOS devices. You need to have an Apple ID and an iCloud account. You can check its location or make it play a sound to make sure it's really lost, and you can erase it remotely if you need to.

Report the theft promptly to the police and your employer. ABT's DeviceGuardian™ can, among many other things, help prevent data loss from stolen devices.

Final Thoughts

All this advice shouldn't scare you away from using a mobile device, but rather, it should give you confidence that you can use your mobile devices with little risk of a security breach—if you're careful and you employ the right tools.

Physical protection is one part of a secure data strategy for your mortgage business. ABT's managed cloud services keeps track of the latest information on malware, intrusion, and spyware, so that your devices stay safe. Additionally, DeviceGuardian™ can help keep your data and your devices safe, providing 24/7 security monitoring, cloud backup, and virus and malware protection. It can also remotely wipe stolen devices, when necessary.

Take good care of your devices and let the security experts at Access Business Technologies help! Please contact us for more information.

Learn More

Topics: DeviceGuardian mobile device security

4 Simple Tips for Mobile Security in the Mortgage Industry

mobile securityMany mortgage companies, especially smaller firms, assume that their business is safe from hackers and other potential cyber attacks, but that couldn't be farther from the truth. Cyber attacks present just as big of a risk to small mortgage businesses as they do to large, and in many cases, the associated risk is actually larger.

According to NetIQ, 70 percent of all organizations report that they have been the victim of a cyber attack within the last 12 months. This just goes to show how common small-scale cyber attacks are and how important it is that your mortgage business takes the necessary steps to protect itself from potential breaches.

Many organizations employ some basic steps to keep themselves safe, and those small steps by mortgage firms could dispel the incentive for hackers to target them. When the challenge of hacking your network is greater than the reward, would-be attackers may move on to an easier target.

Here are few simple steps that you can take to protect the mobile security of your mortgage business.

  1. Password Protection

Every loan officer in your organization should receive some basic training in choosing passwords that will help to protect your mortgage business against cyber attacks. Of course, proper password choices are most important for critical systems, but anywhere an employee logs in needs to have proper password security. One simple method that many businesses use to protect their mobile security is requiring that all employees double-authenticate their login through their smart phone and email in order to log in. Additionally, employees should be trained to include capital letters and symbols within their passwords to reduce the chances of them being cracked.

  1. Create Official Company Policies

Recommending that your employees use some best practices for mobile security is simply not enough. You must create official company policies that allow you to spell out exactly what employees need to do to keep your mobile network safe. You should also put in place some ramifications for employees that do not follow the policies.

It can be difficult to explain to your loan officers why mobile security is so important, especially when they are not used to going to extreme measures to protect their home networks. Official policies help to ensure that security is taken seriously.

  1. Use Mobile Device Management Software

Mobile device management software, like DeviceGuardian™, allows you to see all of the devices that are connected to your network at any given time, no matter the platform. They are typically integrated with Android, BlackBerry, Windows, iOS and all other major platforms. This will allow you and your IT department to keep a close eye on who is accessing the network and quickly combat any nefarious activities that might be taking place. Mobile device management software is an absolute must-have for mortgage companies with more than a few devices connecting to the network at any given time.

  1. Share Information

According to Varmour, about one-third of IT security professionals share information and data with IT security industry groups. Most security professionals have never shared any information at all. What most do not realize is that, while sharing information might not directly benefit their company in the present, it can pay off well into the future, as these groups learn more about the attackers and the organizations that they target. Encourage your IT staff to join a security intelligence sharing group and work with others to improve the industry as a whole.

If you would like to learn more about how you can protect your mortgage company against potential threats and keep your mobile networks safe, please contact us today. We'll schedule a consultation with one of our security experts to explain how you can improve the mobile security at your firm.

Topics: ABT cyber security mobile security DeviceGuardian mobile device security

Mobile Security for Your Mortgage Firm: Preventing Threats While Out in the Field

mobile securityIn today’s increasingly mobile world, more and more businesses are allowing their employees to use their mobile devices for work, especially when those employees are on the road or working from home. As a result, mobile security is more important than ever for protecting businesses from the threat of an information breach. In fact, despite mounting evidence of growing security threats, many companies still disregard mobile security as a priority. And in the mortgage industry, where your company handles such quantities of private information, ignoring security on mobile devices is a gamble you cannot afford to make.

The truth is that mobile devices can become vulnerable targets to online thieves in many situations. As Bankrate noted last year, mortgage lenders, especially, are a major target of hackers because of the comprehensive private information available to steal.

As your loan officers do more and more from their mobile devices, what other security issues could happen that may compromise company data?

Let's take a look at a couple of the potential threats and how our trademarked tools here at Access Business Technologies can solve your biggest concerns.

Unreliable Public Wi-Fi Networks

When your loan officers are on the road, chances are they will find themselves, at one point or another, sitting in a coffee shop or restaurant taking advantage of the free wi-fi connection as they meet with a client or tackle some work with their breakfast. However, as Forbes noted last year, public wi-fI networks are incredibly vulnerable to hackers.

Hackers, with only the click of a button, can monitor and hijack logins, passwords, and email or chat communications, among other things. And, when those communications include the highly-sensitive financial data that is an everyday part of your loan officer’s work, a breach of this information could prove catastrophic for your mortgage firm.

Lost or Stolen Devices

Mobile devices themselves (including laptops) are vulnerable to security threats, but many mortgage firms forget the threat of simple human error. When a device is lost or stolen from one of your loan officers, the data on that device is at the mercy of whoever finds it. Any files, passwords, or client information stored on that device are now susceptible to theft. Even with your data backed up and stored on a cloud server somewhere, if that information is also stored on the device, the threat of a breach is huge.

How DeviceGuardian™ can Help

Here at Access Business Technologies, our mobile management tools provide the best security measures in the market so your mobile devices don't become sitting targets. Configured specifically for the unique challenges and regulations of the mortgage industry, with tools like DeviceGuardian™, your mortgage firm can protect every mobile device being used by your employees.

DeviceGuardian™ provides hard drive encryption and complete protection from hackers, identity theft, malware and viruses, so no matter where your loan officers are or what device they’re using, they can be sure their clients’ information is safe. The software is regularly and automatically updated to ensure that your devices are protected from the latest threats. And, if a device does end up lost or stolen, DeviceGuardian™ allows you to remotely wipe the device so any valuable information is completely erased before it ends up in the wrong hands.

This easy-to-use software operates across all popular platforms, including Windows, Mac, iOS and Android devices, and is easily integrated with your other mortgage software, including our cloud-based desktop computing service, MortgageWorkSpace™.

In an age where information security is more important than ever, it is crucial that mortgage firms protect themselves and their customers. Contact us here at Access Business Technologies to learn more about DeviceGuardian™, as well as our other tools, and how they can help protect, control, and manage your mortgage business.

Topics: ABT cyber security mobile security DeviceGuardian MortgageWorkSpace

Creating a Secure Mobile Workspace for Your Mortgage Company: Common Threats and Solutions

Creating a secure mobile workspace is more necessary than ever as Bring Your Own Device (BYOD) policies become increasingly common in the modern workplace. In the mortgage industry, security is especially important, since your company is handling highly sensitive, private customer information every single day. When you start to handle that data from various devices, including mobile, it becomes imperative that your devices and data are being properly protected.

Recently released reports say that mobile technology poses the biggest risk to all enterprises around the world. It's worth noting, though, that we shouldn't blame BYOD ubiquity as the sole security problem. Security threats can come from a number of sources. It’s up to you to prepare and protect your company from those threats.

These days, it is not uncommon for many of your loan officers to travel for work. This mobility is important to the functioning of your business. However, oftentimes, this means your employees must use personal devices, such as tablets, smartphones, and laptops, on unsecure internet connections to access the information they need. Communicating with clients in this way can leave your company and your customers’ information at risk of security attacks.creating a secure mobile workspace

Let's take a closer look at these risks and how Access Business Technologies can help you create a more secure mobile workspace for your mortgage business.

Unreliable Wi-Fi Services

If your loan officers are hanging out in cafés to talk with clients or do work, it's safe to assume that they'll connect their mobile devices to a public access point for Wi-Fi. The trouble with this is you can't always tell whether it's a secure network. Many people get fooled by the innocuous names of Wi-Fi networks, which could possibly be provided by a nearby criminal capturing personal information.

Without any proper security on your mobile device, you're basically a sitting duck to online thieves who could access your clients' personal financial information. You could face major legal hurdles if you find out client data has been compromised and you did nothing to prevent it.

The Potential of Mobile Devices Being Stolen

As much as your loan officers try, they can't always have a guarantee of keeping their mobile devices safe. Even if they keep their smartphones or tablets in a bag while traveling, your employees could absentmindedly leave a device sitting on a nearby table for a thief to snatch in a second.

All the talk about wiping on mobile devices becomes a major point of issue, when you think about all the data that's on those devices. Having all of it freely available to a thief makes it more of a worry for you when your loan officers work in diffuse locations where anything could happen.

Let's not forget that viruses are just as much of a problem on mobile devices, and mobile sharing could mean virus spreads from one device to another. When this happens, it could end up shutting down your entire mortgage firm because one mobile device suffered from a cyber-attack or malware.

So how are all of these security risks prevented when they seem like such separate issues? That’s where ABT’s DeviceGuardian™ comes in.

Why DeviceGuardian™ Consolidates All of Your Mobile Security

Here at Access Business Technologies, we've developed a PC and device protection tool called DeviceGuardian™ that is designed and configured specifically for the mortgage industry. DeviceGuardian takes on the biggest challenges of mobile security and solves them all with one convenient solution. With a simple download on any mobile device, your mortgage business has complete protection against viruses and hacking attempts that integrates seamlessly with your existing mortgage software. Even more so, you have complete compliance with Consumer Financial Protection Bureau (CFPB) IT regulations.

With ABT’s MortgageWorkSpace™ and DeviceGuardian™ services, you'll also have complete management of your entire desktop, including software, applications, and customer data, wherever you are, with 24/7 technical support whenever necessary.

Contact us to find out more about how DeviceGuardian™ and our other mortgage technology solutions can help your mortgage company run more efficiently and securely. We'll make sure you have peace of mind knowing your loan officers can work safely without data compromises.
Topics: Cloud cyber security DeviceGuardian