Mobile devices have revolutionized the way modern businesses function from day to day. Employees can now work from anywhere and from a variety of devices. Workers have more flexibility, mobility, and accessibility, and it’s brought about a number major advantages. In fact, few businesses can completely shut out mobile technology and remain competitive.
But these big rewards come with big risks. Mobile technology is notoriously unsecure, putting data and entire networks at risk. For businesses in the mortgage industry, the rewards of enabling a more mobile workforce are tremendous, but it is also imperative that they take the strongest precautions to avoid data theft and other intrusions.
Understanding Mobile Technology’s Place in the Mortgage Industry
Quick response times are critical for landing new mortgage customers. As such, loan officers need to have access to documents, client information, and internal software, wherever they are.
Mobile technology enables loan officers to stay up to date throughout the lending process. And with the help of cloud-based applications, like MortgageWorkSpace®, loan officers can even access their entire desktop from their mobile devices. These tools enable mortgage employees to photograph and send documents; set up reminders; communicate securely with clients, real estate agents, and internal team members; and check the status of their clients’ applications. Without mobile technology in the mortgage industry, these actions are confined to the office, and these days, that just isn't an option.
Recognizing and Avoiding the Risks
Allowing your mortgage employees the freedom to work from their mobile devices provides immeasurable benefits, but it can also be risky. Two out of three businesses have had a mobile-related data breach, yet only 16% are prepared for security threats from mobile devices.
In addition to mobile devices being more vulnerable to hacks, they are also easily lost or stolen. Yet, many people don't think to dedicate the same level of care and security to their mobile devices that they give to the computer that sits safely on their desk.
Here are some general security tips for mobile devices:
- A mobile device that holds sensitive information needs to be password-protected and encrypted. The password needs to be a strong one, not easily guessed.
- Wifi hotspots are a serious risk. Public wifi that doesn't require a login sends data over the air without protection. Anyone nearby can intercept it and pick out passwords or personal information. A cellular connection offers better security, even if it eats into your data limit.
- Email isn't secure. Sending confidential information by email, especially through public wifi or an unsecured mobile app, can expose it to interception.
- Many mobile applications are not secure. Try to stick to apps from trustworthy sources, but be aware that even they don't always have great security. Aim to download a small number of high-quality applications, rather than grabbing everything that looks useful.
The Risk of Device Theft
Smartphones and tablets can be insured and replaced, but the real cost of theft is the data those devices hold. A data breach can expose a business to liability if it includes personal financial data such as social security numbers, credit card information, or bank account numbers. Criminals know that mortgage businesses have an especially rich supply of this information.
In the financial industry, the cost per compromised record in 2014 was $259, and it continues to rise. When you consider that a mobile device can easily hold thousands of records, that's a large amount of money for one stolen phone or tablet.
Maintaining the Safety of Your Servers
If your business hosts its own server, security must be paramount. A poorly designed server can be susceptible to serious threats from mobile devices:
- Data transport may not be properly secured, so spying or in-transit modification is possible.
- User authentication may be weak, allowing impostors to log in or malware to inject malicious data.
- Sessions may linger too long, allowing thieves to connect after they've stolen a device.
- Poorly designed cookies allow abuse. Criminals can reuse and modify them for dishonest purposes.
Mortgage businesses need to pay close attention both to mobile devices and to any web applications or cloud services they use. Any point of weakness can lead to a major breach.
A Better Approach
It's impossible to maintain mobile security while using a haphazard set of approaches. A better approach is to use an integrated software suite that's designed to provide mortgage businesses with the tools they need while maintaining security every step of the way.
ABT's DeviceGuardian™ is a complete mobile device management tool. Compatible with a variety of mobile devices, DeviceGuardian™ allows mortgage professionals to handle their mortgage data with agility and a heavy layer of security. DeviceGuardian™ helps to support company BYOD policies and makes all company devices compliant with Consumer Financial Protection Bureau regulations.
To learn more about DeviceGuardian™ and our other cloud software for a secure mortgage business, please contact us.