Mortgage Software Solutions Blog

Why Cyber Security Comes First in the Mortgage Software Market

Why Cyber Security Comes First in the Mortgage Software Market

Equally important: physical security and cyber security.

The finance industry’s data-handling platforms have a clear bulls-eye on them.

The U.S. mortgage industry supply chain is considered a “massive target for information security breaches.” In fact, from 2015 to 2016 the number of data breaches in the United States went up by 40%.

Still, most mortgage lenders sidestep cyber security by shopping for software the old-fashioned way.

Functionality across platforms is comparable, but security is where the largest variation exists amongst current technology offerings. The regulatory and litigation atmosphere surrounding data breaches in 2018 is such that the best mortgage software addresses cyber security first and foremost.

Here is how the best mortgage software on the market is focused on security frameworks first.

The Weakest Link

Poor cyber security has a financial and regulatory impact. This, combined with the negative press of recent international breaches, is what the modern financial institution wants to avoid.

Though large institutions have tight security, an increase in automation and “digital mortgage” online customer interactions means that high-tech services are being farmed out to third-party vendors. Tools like business intelligence (BI) and machine learning (ML) also means data transfer within the industry is nearly constant.

Homebuyer information is especially ripe for hackers because it includes secondary digital assets like credit data.

Though big banks are heavily invested in keeping this data safe, the sharing of borrower data to smaller vendors has caused a disruption in the security systems. The immature security of these third-party service providers has created a weak link in a previously well-fortified industry.

Who is Responsible?

Though it seems like the third-party vendor is the one who should catch up to security norms, the tech newcomers are not being held responsible.

New legislation in the US holds financial institutions responsible for the security level of their third-party vendors—no matter where the data or breach originated from. When a smaller vendor experiences a security event, it is the large mortgage company that is on the hook.

Even if the company avoids catching the eye of regulators, cases of mishandled customer data have executed litigation of $201+ per recorded liability.

Cyber Security Solutions

The solution is to rein in weak spots by employing cyber security technology that goes beyond the traditional server model. It should cover gateways, third-party access, and employ strategies that keep an eye on common but unsafe tech-related practices.

A tech developer called ABT offers a cloud-based platform called MortgageWorkSpace that ticks the right boxes.

ABT works exclusively with the mortgage industry to develop software solutions for lenders and third-party financial institutions in the home buying industry. With the functionality of the lending platforms in place, ABT leads mortgage tech by focusing squarely on cutting-edge cyber security.

Above all, MortgageWorkSpace provides a secure gateway to access lending data. It employs multi-factor authentication and monitors system email use to fend off phishing as well.

Despite increased accountability, mortgage lenders can keep the company name and customers safe by shopping for a platform that puts security first.

Advanced Cyber Security Features

With market demand high, on-board security features distinguish better platforms from those that add build-out security capabilities as an afterthought.

ABT has a built-in consumer protection feature called Remote Desktop which gives mortgage lending employees a cloud-based real-time file management system. Offering functionality to the user, this feature actually prevents the storage of data on local PCs. This Dropbox-like feature means that the employee’s desktop is not only updateable from anywhere, but that files containing sensitive information don’t get downloaded out of the system where security is weakest.

Lenders shopping for top mortgage software should keep an eye out for features like the Remote Desktop that combine user experience with security in a way that is seamless.

Developers who have security at the forefront of their business model will also provide crucial non-tech extras for lenders.

ABT gives clients a written information security policy that outlines the software’s parameters and security compliance rules. This type of documentation may have been overkill in the past, but is increasingly required by state and federal law for legal operations in the U.S.

Though most software shoppers understandably look at usability first, the consumer financial sector increasingly puts cyber security front and center.

Mortgage broker software is no exception. Platforms should have a full range of built-in cyber security solutions, usability features that incorporate digital protection without being clunky, and advanced features that provide extended protection as regulations become more stringent.

As a target for hackers and a trend of increasing legal accountability, cyber security is now the main consideration in the mortgage software market.

Check out the full range of ABT’s security-driven mortgage business products on our website or contact us to learn more.

Image: Unsplash

Topics: Hosted Software options Mortgage Servicing in the Cloud mobile security mobile device security email security data security mortgage company security financial data security social networking safety phishing multi-factor authentication Business Intelligence cybersecurity mortgage documents security data warehousing

Why Mortgage Companies Need Built-In Compliance Tools

blog pic for Why Mortgage Companies Need Built-InBusiness data is available at your fingertips, but is it protected?

If your mortgage company isn’t talking about advanced data governance, you’ve missed the memo.

Mortgage companies around the world are facing 2018 with a regulatory backlash as a result of data breaches in the US and Europe.

Every company is scrambling to find the best cybersecurity options for financial data and figure out how to comply with stringent reporting regulations at the same time.

How can your mortgage company ensure that you are up-to-date with the newest industry standards in data governance?

Bolt-On vs. Built-In Data Governance

There are two types of compliance tools that financial institutions can use to follow the law.

Bolt-on refers to compliance tools that a business implements to interact with their existing computer-based financial systems.

Built-in refers to governance features that are part of the same computer system that they use to do their daily business activities including customer retention, storage, and database systems.

Bolt-on tools are a non-integrated option from the first wave of computer data compliance. Systems with built-in compliance features and built-in threat protection are the modern solution to meeting compliance standards.

Built-In Compliance Runs at the Speed of Business

The main issue with bolt-on tools is that they lack the visibility necessary to maintain compliance and keep moving at the pace of the company. For example, when working with outside vendors, mortgage companies are responsible for verifying vendor security.

The legal industry reports that using bolt-on tools can delay the on boarding of third-party vendors for up to 17 days and slow down overall revenue growth. Built-in options, due to being native to the system, move faster.

Built-ins can also coordinate with IT permissions on devices such as laptops and tablets used by third-party employees to access sensitive data. They offer high interactivity while bolt-on tends to offer single-process patches for cybersecurity issues.

As regulatory agencies push for never-before-seen requirements, bolt-on solutions don’t make financial sense anymore.

The True Cost of Built-On Compliance

Though switching to a new system is an investment, bolt-on solutions are actually more expensive in the end. The incremental investment is limitless; each new regulation requires a new patch.  

Instead, built-in systems work backwards by going all-in. They offer extreme security features that allow a company to scale back to the compliance limit.

Bolt-on solutions also cost man-hours. It creates busy work for employees who handle information instead of receiving a completed system report. When you factor in confusion and redundancy, the hours start to add up.

In the US, a time lag in reporting can mean trouble. New York State is blazing the trail for new cybersecurity regulations by mandating that mortgage companies have less than 72 hours to officially report a cyber attack or else face financial penalties.

With a built-in system, alerts are immediate and coverage is full from day one. Your financial services institution is protected from the risk associated with litigation and data breach.

Built-In Protection from Data Loss

ABT, a California-based company, has developed a platform for mortgage companies with built-in compliance tools called MortgageWorkSpace.

Systems like this take compliance out of employees’ hands and create strict policies that are enforced by the platform itself.

Since financial institutions are legally required to hold onto sensitive customer data for specific periods of time, a system like this allows the company to write the retention policy directly into the document management system. The system itself identifies, tags, and protects data for archive, even by custom query.

Integrated Security Features

Built-in systems have other data protection features that connect with employee activity.

For example, Felipe the Finance Director receives an email addressed from Ciara the COO but doesn’t notice that it isn’t from her company email address. Because the company email is integrated with the cybersecurity system, Felipe sees an alert that the sender’s email address is suspect and likely a phishing attempt.

Even if Felipe opens the email and clicks on an unsafe link, the system will take Felipe to a safe link where he is alerted again not to proceed. This type of security safety net is possible because built-in security can transparently see activity system-wide and isn’t limited to a single platform.

Built-in security tools helps catch phishing links, unsafe attachments, unsafe webpage links, malware, and spam so that breaches are prevented.

As data governance regulations increase in almost every global financial market, mortgage companies can remain compliant by implementing cybersecurity measures that are fast, transparent, complete, and save the company money in the long run.

The best way to meet these ever-rising regulations is to get outfitted with a platform that handles compliance as a built-in feature of the system.

MortgageWorkSpace is a business solution that allows mortgage companies to comply with full industry requirements regarding sensitive data. Learn more about cybersecurity for mortgage companies by visiting ABT.

Image: Unsplash

Topics: Mortgage Servicing in the Cloud Access Business Technologies MortgageExchange cyber security information security for mortgage companies DeviceGuardian MortgageWorkSpace data security mortgage company security financial data security multi-factor authentication Business Intelligence cybersecurity mortgage industry cloud-based data Housing Market

How to Protect Your Devices from Bad Guys

how to protectA businessman takes his work laptop home.

What exactly happens when a company device gets stolen?

Imagine that Richard is a loan officer for a mortgage company. He is behind on email and decides to take his work laptop home over the weekend. After a few hours at a coffee shop, he gets up to use the restroom. Two minutes later when Richard returns, the laptop is gone.

Are the files on Richard’s computer safe? If Richard has remote access to company systems, will there be a data breach? Can the thief access all of Richard’s accounts and client information? What exactly is at risk here?

Keeping Data Safe from Hackers

Stolen laptops are more common than you might think.

Kensington reports that over 70 million cell phones are lost each year and one laptop is stolen in the US every 53 seconds.

The laptop thief’s hope is that he can gain access to all the passwords and sensitive information contained in the device. Selling stolen data is profitable; the device itself is not actually the most lucrative part of the theft. Getting a corporate device would be like hitting the jackpot then, right?

Well, it all depends on what kind of data protection measures the company has in place. For financial institutions dealing with sensitive personal data on a daily basis, it’s important to have a system with the most cutting-edge cybersecurity features in place.

MortgageWorkSpace, a platform that won HousingWire’s Tech100 Lending category for 2018, is one such system.

With MortgageWorkSpace protection, Richard’s stolen machine will remain on lock-down and safe from hackers.

The Windows Operating System on Richard’s computer has a program that encrypts system and user files on the device called BitLocker. The laptop also uses Windows Defender Credential Guard, a security program that uses virtualization to isolate sensitive files and keep unauthorized people from accessing that system data.

In Richard’s case, the thieves have no choice but to wipe the machine and lose all the data.

Great. Richard’s data is safe, but it’s all lost. What is he supposed to do about work?

Getting Back to Work

Richard still needs access to his files and the computer programs that he uses every day to do his job.

To make sure that Richard can return to work, MortgageWorkSpace has an advanced continuity feature called “lost device re-provisioning.” This means that when Richard’s device is reported stolen, the system shuts down his previous portal and passwords. When he authenticates his identity on a new machine, he will have all the same data from his previous machine and full access to work-critical programs.

This is the beauty of a cloud-based system like MortgageWorkSpace. All the system files are located in the cloud and not on Richard’s local machine. He doesn’t lose even a single day of work because of his missing computer.

MortgageWorkSpace uses Richard’s corporate credentials and multi-factor authentication to identify that Richard is not one of the sneaky hackers and he is back into the system on a different computer.

Richard’s company has other strict security options to choose from. For the authentication process, the company can require a user-created PIN to identify him as an employee. Some modern companies are even switching to biometric identification like fingerprint and facial recognition technology rather than PIN numbers, which can be guessed.

Whether low-tech or high-tech, the key is to have multiple authentication steps that are difficult for hackers to duplicate so that sensitive system data remains hidden from the prying eyes of laptop thieves.

More importantly, Richard’s company doesn’t experience a system-wide data breach. Forbes Magazine reports that nearly 41% of the data breach events from 2005 to 2015 were due to lost and stolen devices.

Thanks to technology, Richard’s customers’ information is safe and the company’s reputation remains intact. That’s what’ the most advanced security system has to offer the mortgage industry. . While the security gates are keeping the bad guys out, people like Richard can stay productive and customers can stay safe.

For financial institutions, this type of lost device re-provisioning feature is essential for business continuity.

Businesses protected by MortgageWorkSpace don’t need to worry when a company laptop or mobile device is stolen.  Contact us to learn more about cloud-based mortgage and cyber security solutions.

Image: Unsplash

Topics: DeviceGuardian mobile device security mobility mobile workforce mortgage company security financial data security phishing multi-factor authentication cybersecurity security cloud storage productivity mortgage business mortgage industry Housing Market Mortgage Lending

7 of the Most Interesting Facts About Cyber Security

 

pic blog-1.jpgAs technology of cyber security advances, so does the technology of hackers.

A computer hacker is the name given to the tech-savvy folks on both sides of the internet battlefront. Bad guys or “black hat” hackers are the ones trying to break into computer systems, steal data, and install harmful software. The “white hat” hackers are cyber security heroes that develop ways to catch bad guys and stop malicious programs from doing damage. That’s interesting nomenclature, right?

The world of cybersecurity is full of intriguing tidbits that help us understand the dangers and how to protect ourselves from the black hats of the world. Here are 7 of the most interesting facts about cyber security.

  1. The number of cyber attacks is going UP not down. Though white hat hackers continue to improve, the total number of cyber attacks doubled in 2017. That’s according to the Online Trust Alliance (OTA), which has named 2017 “the worst year ever in data breaches and cyber-incidents around the world.” 
  2. Ransomware is leading the way in modern cyber security events. Ransomware is a type of malicious software that holds a victim’s data hostage until a ransom is paid. Instead of selling victims’ information on the black market, ransomware has established a way to make money off this stolen information directly from victims. The threat of ransomware is based on doxxing (publishing of the personal data) or blocking a victim’s online access to their own accounts.
  3. 91% of cyber attacks in 2017 started with a phishing email. Phishing is the practice of sending fraudulent emails that seem to be from a reputable company. When the victim clicks on a link or freely reveals their passwords or credit card information as a response, the phish is a success. The two best ways to avoid phishing attacks are to (1) never click unknown links and (2) never send sensitive information that has been requested via email.
  4. Cyber-crime damages will cost the world $6 trillion annually by 2021, up from $3 trillion just a year ago. This massive amount of money represents the greatest transfer of economic wealth in history (2017 Cybersecurity Ventures).
  5. Financial organizations are the biggest targets of cyber attacks. Verizon’s 2017 Data Breach Report breaks down the hacks by percentage: Last year, 24% of breaches targeted the finance industry, 15% were aimed at healthcare, 15% were retail, and only 12% of breaches occurred in the public sector.
  6. Mortgage companies are the #1 target in the industry because of the treasure trove of information that they require from customers. Mortgage companies hang onto more non-public than any other type of financial organization.
  7. 93% of breaches could have been avoided by taking simple steps, such as regularly updating software or leveraging modern cloud based solutions. Can you believe that breaches are easy to prevent? There is an old saying that “the best defense is a good offense”. It applies to the cyber security world too.

If you take the initiative ahead of time to set up clear security mechanisms, your company’s data systems won’t be attractive to bad guys.

What are the new standards for security? Modernized IT including updated password policies and Multi Factor Authentication. Cloud-based data systems are key for getting your company data off those old office servers. Sophisticated cloud-based email gateways configured especially for the mortgage industry to protect against email-based threats. These are the foundations for data security when it comes to financial institutions in 2018.

Be the cyber security leader in your industry. Make the changes before hackers make the first move on your company. When you aren’t an easy target, your data remains safe and your customers stay happy.

The best thing a business can do to keep those black hats at bay is to stay informed about cyber security by reading articles like this and use their knowledge to implement solid security measures before a hack occurs.

Businesses protected by proven security measures like ABT’s Email Guardian remain safe and receive monthly reports detailing security threats. Contact us to learn more.

Image: Pexels.com
Topics: Mortgage Software Reporting dangers of ransomware email security data security mortgage company security financial data security creating strong passwords social networking safety phishing multi-factor authentication cybersecurity security productivity mortgage business malware network safety

How New York’s Latest Cyber Security Law Will Impact You

sgfhj.jpgNew cyber security laws in New York mean strict accountability for businesses.

Cyber security is on the brink of an unprecedented crackdown in New York.

The finance industry is preparing for a new normal that looks vastly more stringent than before.

Part reaction to consumer outrage and part finger-pointing to the market for accountability when it comes to data breaches, the regulation titled Cybersecurity Requirements for Financial Services Companies (2017) is a broad re-draw of the rules by the state regulator.

In a country where the sector has historically played fast and loose with handling missteps, all eyes are watching to see how quickly it can adapt to the new normal.

As everyone settles in for the ride, industry insiders are already forming hypotheses about how far this new regimentation will reach.

Laying Down the Law

The new law outlining consumer data security measures in New York State is the first of its kind in the United States.

Officially released in March of 2017 with a built-in year of lag time, the enforcement date has arrived. As of Thursday February 15, 2018 enforcement is in full effect.

Financial institutions are expected to have stepped up their game in safeguarding computer systems and the sensitive information stored inside. A full guide to the highly prescriptive requirements can be found here.

The end goal is to avoiding security breaches by making businesses sufficiently fearful of repercussions. If they do foster an environment that allows for future problems or leaks of personal data, the stakes are high.

Who the Law Affects

The current law has been interpreted to include all banking, insurance, lending, and mortgage brokerage firms that are operating in New York. Every company under that heading will be held to the new standard.

This means that entities must get in gear to assess their actual and potential cybersecurity risks and make a solid plan to mitigate them.

The good news for IT departments is that due to the highly detailed guidelines about policy and the use of technology to patch up the security gaps, they have rather exact instructions to follow.

Beyond State Lines

At first glance, companies outside of New York might assume they have been spared from the harshest regulations in the country. After a closer look, it seems imminent that the change will have a wide-ranging impact.

Going forward, consumers will rely on their financial institutions to keep personal data safe. Not only are the expectations high, but the safety net sets the stage for demanding the same in other states.

Mortgage companies across the country are targeted by hackers due to the quantity of information and the quality of its use for fraud purposes. Companies outside of New York in the same industry should brace for the arrival of comparable laws on their home turf.  

Out-of-state entities with branches in New York should have a response as well, even before their own states begin drafting something similar.

In fact, other states are already following suit. Colorado and Vermont introduced their own measures within months after the NY regulation was put in place.

Vermont’s law names “securities professionals” as the intended subjects of its tighter regulations. Without specifying banks, the use of this broad term leaves the door open for enforcement with entities that may not previously fall under the state’s traditional regulation agencies.

As a global financial hub, even entities doing business in New York should consider getting the jump on re-assessing their policies as a continuity plan.

Beyond the Finance World

The effect of intensified scrutiny over cyber security practices will logically spill over to third-parties who work in the finance world and businesses who directly manage cyber security for the industry.

Fortune magazine goes one step further, predicting that ripple effect will go well beyond the financial industry. It could cover security events by any business that stores personal data “from point-of-sale to payroll providers.”

After that, it seems the industry shake-up will likely bleed into any major industry that houses consumer data using any sort of technology. These days, companies who aren’t keeping customer information in a computer system are few and far between.

The only thing the industry seems sure of is how this trend in accountability will not be contained by state lines or by industry.

In the early days of this new law’s enactment, the extent of this chain reaction is yet to be seen.

Over the next fiscal year, New Yorkers will lead the way, with countless gazes focused on them for cues of how to adapt.

ABT’s cloud-based portal MortgageWorkSpace adds banking level security to email, servers, PC’s and mobile devices in the mortgage industry. Contact us to learn more.

Image: VisualHunt.com

Topics: Compliance Due Diligence cyber security mortgage company security financial data security cybersecurity mortgage business mortgage industry Consumer Finance Protection Bureau Compliance for Mortgage Companies Compliance Audit cloud-based data Mortgage Lending 23 NYCRR Part 500 NYSDFS network safety

5 Things You Should Do Now to Prevent a Data Breach

5_Things_You_Should_Do_Now_To_Prevent_A_Data_Breach_.jpg

Mortgage providers are responsible for managing people's personal and financial information in relation to their most valuable asset: their homes.

For many businesses, this is cause for concern, as large corporations appear in the news every other day as a result of another significant data breach. This causes many mortgage companies to wonder (and worry about) how to prevent a data breach from happening to them.

The following are five tips that your mortgage company can implement today to begin securing your systems from a cyberattack. These tips will also help you provide better customer service by protecting personal identification information.

1. Implement Secure Passwords

There are many criteria to be met when creating a secure password, and it’s important that your entire team understands and adheres to these best practices.

Your first step should be to improve education for employees on how to handle password creation. Whether in the form of a company-wide memo, a formal training session, or an online tutorial, training should be thorough and easy to understand. Mortgage companies should make concerted efforts to inform employees on how to create a strong, secure password.

The right vulnerability management solution will require employees to create passwords that include more than just letters or numbers. Passwords should include a combination of letters (lowercase and uppercase), numbers, and characters, in order to create a password that can’t be cracked by hackers.

Multi-factor authentication should also be implemented throughout your business to ensure employees are protected if their login information falls into the wrong hands.

2. Insulate Database Information Depending Upon Needs

Underwriters require specific information that may not be relevant to customer service or sales team members. Although many businesses are tempted to keep as much information as possible in their CRM for more targeted marketing, mortgage companies have so much information on their customers that it is essential to separate customers’ sensitive information from the general contact information necessary for CRM systems.

3. Enact Employee Education Protocols

One of the greatest areas of vulnerability for a business is its employees. The Stuxnet virus, which targeted Iran's nuclear program, was downloaded onto thumb drives by engineers off-site and transported into the secure computer systems managing the centrifuges. In this example, no amount of internal security could protect them from the mistakes of their employees outside of the facility. The fact of the matter is that employees are the most uncontrollable aspect to your business.

Provide company-wide education, and enstate policies that ensure your employees use strong passwords, separate work and personal activities, do not subscribe work email addresses for marketing or political emails, and understand what to do when they are the target of a phishing email, "virus alert" pop-up, or any of the other tactics used by cyber criminals to target unwary computer users.

4. Educate Customers On Privacy, Identity, and CyberSecurity

For mortgage companies, customers are a vulnerability that are completely outside your business's work systems. A customer can be the target of mortgage cyber-attackers perpetrating fraud by mirroring your website, causing possible loss of services and capital.

Make your customers aware of the methods you use to contact them. If you have an outbound call department for customer service or sales, ensure that it follows industry practices, and teach customers how to identify if a call is from you. It is also a good idea to provide generally trusted phone communication information (never give out certain information to an untrusted number, ask for a call-back number and look it up, etc.).

Set up policies for predictable methods of managing customer accounts and inform customers of those policies. For example, make it a policy to never ask for any account information via email, only set appointments on the phone, or use multi-factor identity verification.

5. Outsource With a Trusted Mortgage Services Provider

Finally, it is important to understand that many small mortgage companies do not have the IT staff necessary to properly manage their internal security. With cloud-based mortgage systems like those from ABT, there are options for outsourcing IT and data management to experts in the industry who are able to provide high-quality and secure mobile management software.

Rather than facing all the risk internally—including vetting IT security team members, who are inherent risks for an organization—outsource it! Access Business Technologies, a leader in providing virtual workspaces for mortgage companies, has a leadership team with 15 years of success providing secure systems to mortgage businesses. We provide dedicated account executives to ensure that they understand your business processes and needs, and work with a network of local IT technicians so that on-premise IT problems can be solved in 24 hours or less.

Outsourcing means you will have professional IT services at your fingertips and ready to scale your business, whether you have ten branches or hundreds. A good IT outsourcing team will not be tied to any one software system, but will have the tools and experience necessary to manage any software and hardware. Contact us for more information on outsourcing IT.

Learn More

Topics: data security mortgage company security

How to Protect Your Mortgage Company From Viruses, Trojans, and Worms

What would happen to your mortgage company if it were hit with a serious computer virus or other malware? Could your company survive both the immediate and long-term financial impact of your critical data and client records being compromised or lost? More importantly, could your company weather the loss of customer confidence in your ability to protect their data?

Data security is essential for any mortgage business, and failure to adequately protect that data can be catastrophic.

Whats_the_difference_between_viruses_trojans_and_worms_.jpg

At one time, computer security was very simple. Viruses were spread directly from computer to computer on floppy disks. The viruses could be hidden inside the files on the disk, or hidden in the very structure of the disk itself as a boot sector virus. Avoiding a computer virus was a simple as never accepting files or floppy disks from unknown sources.

Then came networks, which allowed computers within an organization to freely share files—and viruses. This was quickly followed by the development of the internet, which gave viruses access to computers not just on the local network, but anywhere in the world. This was followed by the introduction of email, which gave viruses an entirely new way to spread from machine to machine and network to network.

And then came the rise of viruses hidden within macros inside of common document files, such as Word or Excel. Suddenly, almost without warning, businesses and computer users found themselves in a losing war against a constantly evolving army of viruses and assorted malware. Computer security quickly became a battleground, and far too often, the virus creators were on the winning side.

But what exactly are computer viruses? And what differentiates a computer virus from other forms of malware (an umbrella term used to describe destructive, malicious computer code) such as worms or Trojans?

Let’s take a brief look at viruses, trojans, and worms, and the differences between each.

Viruses

A virus is a malicious program that reproduces or replicates—just like a living virus—and creates copies of itself. These copies may be stand-alone files that mimic the names of real files or executables in an attempt to trick users into opening or running them. The viral payload may also copy itself into the file structure of a legitimate file or program. Once the file or the program is open or executed, the virus can do various things, depending on the intent of the virus creator. For instance, the virus may do something fairly benign, such as simply display a message, or it may do something far more destructive.

Destructive viruses may erase or encrypt critical system files or user data files, or reformat the computer hard drive. Regardless of the level of destructiveness of a virus, all viruses can cause considerable performance issues for computers by consuming system resources, such as memory, processor cycles, and hard drive space—all of which are needed for legitimate programs and user operations. There are five major recognized categories of viruses:

1. File Infector Viruses

File infector viruses inject their code into a legitimate executable (.exe) or command (.com) file and spread by infecting other files each time the infected file is run or accessed. This type of virus is often memory-resident. This means that if you run an infected file from a disc, USB drive, or other removable media, and then disconnect that media from your computer, the virus is still active in your computer’s memory and can still infect other files.

2. Boot Sector Viruses

Boot sector viruses infect hard drives on the structural level, in an area of the disk called the boot sector. When starting your computer from a hard drive, the boot sector is the very first part of the disk the computer looks at. This is the area of the disk where vital information needed to start or ‘boot’ the computer is stored. This means that a virus hidden in this part of the disk is loaded into memory before any operating system or antivirus software is loaded. Boot sector viruses are also memory-resident and can infect any disk inserted into the computer after it is booted.

3. Multipartite Viruses

The worst of both worlds, these viruses combine the traits of a file infector virus and a boot sector virus. Because of this, this type of virus can be both very destructive and very hard to remove from an infected computer.

4. Master Boot Record Viruses

These are similar to boot sector viruses but with one important difference; these viruses save a copy of the ‘clean’ or original boot records elsewhere on the disk, where it can usually be recovered using special software such as disk recovery tools.

5. Macro Viruses

Beginning with Microsoft Office 97, Microsoft introduced the ability to create custom functions and to automate tasks in common Office applications, such as Word and Excel, through user-created macros. Based on Visual Basic, macros opened an entirely new way for malicious coders to create harmful viruses. Macros are now one of the most common and destructive types of viruses in existence.

Trojan Horses

A Trojan horse is not technically a virus, since it does not reproduce or replicate like a true virus. Instead, a Trojan horse pretends to be something desirable to a user—an application, an email attachment, or a document—that conceals a malicious payload that, when triggered, can delete or damage user data or system files.

A large number of Trojans compromise computer security by downloading viruses or other threats, such as botnet clients. Botnet clients can enslave computers to work in tandem as an element in an illicit network. Such networks are often used to breach the security of other computers or computer networks. Botnets are also commonly used to take down websites or entire networks by flooding them with data requests in what is known as a distributed denial of service (DDOS) attack.

Worms

Worms are a form of malicious program that replicates itself from computer to computer. Unlike a virus, a worm does not rely on an infected file to spread. Instead, it is the infected file. Worms often exploit security holes to spread quickly from computer to computer within a network or across the internet. Worms can spread exponentially and can quickly bring a network to its knees by generating overwhelming network traffic as they spread from computer to computer.

Now that you are familiar with the most common forms of malware, the next question is simple: What can your business do to protect itself against these threats?

Proper security and data protection require a comprehensive plan. A properly managed and maintained antivirus program that protects against mortgage cyber attackers is a critical part of that plan, as is a firewall to protect against threats originating outside of your network.

However, antivirus software and a firewall are only two pieces of a total data security package. For true protection, you need a partner who is familiar with the special needs of mortgage companies and who has the experience to provide the protection you need.

ABT can be that partner.

Our unique cloud applications, DeviceGuardian™ and EmailGuardian™, can be added to any computer or mobile device to give you the peace of mind you need to know that your data is protected and secured from outside threats. DeviceGuardian™ technology offers full Consumer Financial Protection Bureau (CFPB) regulatory compliance for secure device management, with fully managed antivirus protection and secure data backup.

EmailGuardian™ uses sophisticated, multi-layered detection engines and intelligence to protect email data and employees from malware, spam, advanced threats, and zero-day attacks. With over 18,000 customers, EmailGuardian™'s threat intelligence and adaptive network are constantly improving defenses to eliminate new and advanced threats. It is also works to contain spear-phishing attempts by reviewing every URL for threats, and to ensure spam and malware don’t reach your network.

Contact us today to see what Access Business Technologies’ DeviceGuardian™ and EmailGuardian™ can do for your company.

Get Started

Topics: mortgage company security

3 Ways the Cloud Bolsters Your Mortgage Company Security

Cyber thieves are amping up their attacks on major banks and the U.S. Federal Reserve. Recently, $81 million dollars was stolen from a Bank of Bangladesh account at the New York Fed. Cybersecurity officials are rapidly securing possible entry points for cyber thieves, finding that the most ordinary access points, such as email and social media accounts, can be all a thief needs to gain access to highly sensitive data. What does this mean for mid-sized lenders in the mortgage industry?

If large-scale organizations are strengthening their security measures, then mid-size organizations should do the same. Your organization is only as strong as your weakest partner. However, by placing your data in the cloud and securing access through a single, secure portal, your organization can better protect against a breach. This type of vulnerability management solution can be key to keeping your clients protected.

Mortgage_company_security_-1.jpg

Here are three ways the cloud bolsters your mortgage company security:

1. Maintain Banking Standards and Compliance

Experts forecast that the mortgage industry is moving toward banking standard regulations, which is one way to avoid an increasing number of breaches within the mortgage industry. Jeff Bernstein of T&M Protection Resources, a New York City-based information security firm, told Scotsman Guide:

It is not just the mortgage company that comes into contact with the consumer data. It is also their business partners. A typical loan will include other parties. There will be attorneys involved, loan servicers, title companies, insurance companies, and a company that collects consumer data is only as secure as its weakest partner.

Loan officers accessing information via MortgageWorkSpace®’s single, secure web portal are able to aggregate information in a secure workspace, providing peace of mind to customers and maintaining above-standard compliance.

2. Integrate Software and Data Securely

Cloud-based dashboards, like those provided by MortgageWorkSpace®, provide users with an interface that accesses Encompass, office software, and email from any device, without the need to update software or security on individual computers. This is especially important given clients' wishes for fast service, as well as for meeting industry deadlines.

With everything a loan officer needs immediately at their disposal, even mid-scale lenders can stay competitive in an increasingly aggressive industry.

3. Eliminate the Need for Personal Files

Loan officers move on from an employer when they seek opportunities elsewhere, but the client lists and documentation they received during their tenure shouldn’t walk out with them. Regulatory privacy guidelines must be followed, even when an employee moves on.

While employees are still in the fold, keeping a separate company database for proprietary information and privacy-bound data is essential for mortgage lenders, credit unions, and small banks. This does not mean that former employees cannot have access to their curated client lists—many do—but those lists should not contain any proprietary information, as outlined in your organization’s employment contracts.

Brad Finkelstein of National Mortgage News quotes former mortgage originator, Karen Deis:

If the loan officer is going to maintain a dual database, they [should] not have any personal information, like social security numbers, date of birth and all of that . . .

Since secure cloud environments like MortgageWorkSpace® offer loan officers access to proprietary data in a secure environment, any information the officer keeps on Excel spreadsheets should not contain private information. Those spreadsheets and other documentation systems lack the security provided by the cloud.

Providing officers with a secure, cloud-based database protects clients from mortgage cyber-attackers. It also safeguards the company and the loan officer, ensuring loan officers do not have access to this information when they leave the organization, and that they do not take any information with them.

For more information on how cloud security, seamless updates, and cloud technologies can assist your mortgage company in maintaining compliance and increasing customer trust, please contact us.

Learn More

Topics: Mortgage Cloud Services mortgage company security

Improve Mortgage Company Security with Centralized Cloud Computing

More and more, financial institutions are being forced to grapple with security issues, concerning the advanced technologies their employees and vendors are using in day-to-day business. While some are embracing SaaS cloud computing for a more centralized and secure way of lending, others are apprehensive about embracing the transition.

The truth is, traditional IT departments are failing to adapt to the increasing security demands of the modern technology that their employees and vendors are using. This failure shows a valid need for financial companies to find a secure and centralized cloud computing system that provides their workforce with the tools they need for optimal efficiency.Mortgage-company-security

Mobile Workforces are the Game Changer

Advanced mobile technology is changing the way mortgage companies and their clients interact and do business in the world today. The availability of efficient apps, through smartphones, tablets, and other mobile devices, is giving mortgage professionals more tools and options with which to conduct business. The problem is that many of these options may not be approved by traditional IT departments and often create security risks.

For instance, if an employee uses Gmail to send and save sensitive data or a note-taking app to track unsecured customer information, they could be putting that information at risk, without even realizing it. For large institutions (with hundreds or thousands of employees), controlling the apps used to conduct day-to-day business with clients is becoming more difficult for their IT departments.

The risk of sensitive data being leaked through an unsecured cloud-based app (from an employee or vendor) is a real problem. As this becomes an increasingly common challenge for mortgage lenders, the best solution is to find a reliable, cloud-based software provider to partner with.

How Transitioning to the Cloud Can Help Mortgage Company Security

By transitioning to a secure, cloud-based platform, mortgage companies can provide their employees with the advanced mobile tools they need, while ensuring a controlled secure environment for all sensitive data.

Access Business Technologies provides a flexible cloud platform called MortgageWorkSpace®, which is designed specifically for mortgage companies. This SaaS will support and protect mortgage professionals and customers throughout the entire lending process. No longer will lending professionals need to use unsecured apps to conduct efficient day-to-day tasks, as ABT gives them tools such as:

  • Email encryption
  • Custom email signatures
  • Security Compliance
  • Custom cloud interface
  • Document management
  • Multiple system back-ups

Through our MortgageExchange™, we can seamlessly connect third-party services to a client's work space in our secure private cloud. And with our DocumentGuardian, your clients will have a secure, fast, and easy way to share their personal documents with lenders.

No longer will documents and secure data from borrowers be stored on individual computers and devices. With ABT’s suite of mortgage security services, you can access all of your data in one centralized, secure data center. This means more control and easier access to the important documents needed for day-to-day business.

Centralize for Security and Ease of Access

ABT's MortgageWorkSpace® is an innovative SaaS that gives financial institutions the perfect solution for creating a secure and controlled environment. MortgageWorkSpace® acts as a secure mobile desktop that provide seamless access to all of the applications and software systems your company knows and loves.

An entire workforce will have access to an easy-to-use interface, which integrates all of the current technologies your mortgage professionals need to conduct efficient and secure business with their clients.

No longer will financial institutions have to worry about vulnerabilities caused by unsecured mobile devices or applications used by your workforce. Through the cloud workspace portal, they can access email, files, databases, software applications, and programs anywhere, at any time, and on any device!

Financial institutions are faced with a future of ever-growing regulations concerning security and compliance, as well as rapidly advancing technologies, which their traditional IT departments may be struggling to keep up with. In light of these challenges, many mortgage companies are seeking a centralized cloud computing solution.

ABT is dedicated to helping mortgage companies secure their valuable data without sacrificing speed and efficiency. To learn more about how ABT can help your company make the cloud transition, please contact us today.

Get Started

Topics: ABT MortgageWorkSpace mortgage company security

Mortgage Company Security is Vital for Long-Term Sustainability

Mortgage companies gather loads of personal data from applicants and customers, making the security measures they put in place of the utmost importance. Traditional IT systems provide little (if any) protection from security breaches, theft or loss of hardware, or unexpected disasters. As a result, mortgage firms need to find solutions that will keep both their and their clients’ information safe.

Mortgage company security is vital for sustainability, as no other factor has as much potential to ruin your business. Your mortgage company could employ the best loan officers in the country and provide industry-leading service, but it only takes one data security incident to seriously threaten the success and growth of your business. Between the possibility of litigation, the media exposure, the money lost from wary customers, and the time spent dealing with the damage and the recovery of lost data, a single breach could do irreparable harm to your business.

This is where ABT's cloud-based mortgage software solution, MortgageWorkSpace®, can help your company attain optimal security. Access Business Technologies has created a unique, comprehensive solution for mortgage companies to secure every level of their business.

Mortgage-company-securityHere are three reasons ways ABT's cloud-based solutions provide the security mortgage companies need:

  • They provide a central point of management.
  • Everything is stored in a secure location in the Cloud.
  • They increase a mortgage company’s ability to prevent and respond to security issues.

Central Point of Management

When a piece of hardware is stolen, hacked into, or destroyed because of an accident or disaster, managers can simply call upon ABT's support services from their central point of management. Even if all hardware in the office is wiped out in a disaster, users can access their MortgageWorkSpace® in the cloud, from any device, to manage recovery and security processes.

Secure Location in the Cloud

ABT’s secure cloud servers make mortgage data instantly accessible and recoverable, from any device, in any location.

If a laptop is stolen in the night, all the sensitive information it stores is not only safe from falling into the wrong hands, but also able to be accessed remotely from MortgageWorkSpace’s® cloud interface. Users then have the ability to remotely wipe the hard drive on the stolen or lost device, rendering it useless to a thief or hacker. Work can continue without much interruption, and client and company data remains secured and encrypted.

The ABT Mortgage Cloud removes security risks by simply placing all sensitive data in our secure cloud server. All of your business’s documents are stored in your document vault in the cloud.

Improved Ability to Prevent and Respond to Security Issues

ABT is proud to boast a 97 percent customer satisfaction rate, and our ability to provide quick and expert support for security issues is a major part of that success. The mortgage industry, and the security issues facing it, are changing rapidly as technology continues to advance. This means that the security solutions mortgage companies implement must continuously advance and adapt as well.

Migrating to a cloud-based software like MortgageWorkSpace® gives mortgage companies the support and tools to prevent and recover from any security issue. With our excellent support staff and top-of-line encryption technology, we can help you prevent security breaches from occurring and respond swiftly in the incident that one does. Twenty-four-seven tech support is a great asset to have when trying to find quick answers to security issues that have occurred.

There are many other benefits of using our innovative solutions, but none is more important than reaching optimal security and compliance with your mortgage systems. MortgageWorkSpace® has made business easier and secure for the more than 500 customers we serve.

Seamless integration with our powerful partners, makes migrating your mortgage office to the cloud that much easier. Our experienced team has expertise in Calyx, JVI Solutions, Microsoft products, Office 365, and more. Your current software systems can stay in place and be managed more efficiently with the advanced tools available on your MortgageWorkSpace® interface. If you’re interested in learning more, please contact us today.

Get Started

Topics: mortgage company security financial data security