Skip to main content

RealtyTrac partners with Adicio

Aug 01, 2007

Keeping the rabbits out of the gardenAnn Schmidthackers, spyware, keylogger, firewalls, fraud detection Maintaining security in the mortgage industry As the days grow long and summer swings into bloom, gardeners everywhere are watching the vegetable seeds they carefully planted take root and send up sprouts. With warm weather, regular watering and weeding the harvest ahead will be plentiful -- as long as the gardener can keep the rabbits from eating away the greenery every night. Though the analogy is simple, lenders face a similar threat. They've cultivated consumer relationships and built successful businesses, but the personal financial information they possess is valuable and there are people who will do just about anything to steal it. If that information is not protected, not only can it be devastating for our customers and their consumers, but it will destroy everyone's long-term harvests. Internet rabbits: hackers and spyware Spyware, the hacker's most powerful and dangerous tool, is a computer program that installs itself on computers without the owner's knowledge. Once installed, it secretly transmits information back to the person who created the program. One of the most damaging types of spyware is a keylogger, which records every keystroke made on a computer -- including passwords -- and transmits that information to thieves. This is the weapon most often utilized by those in the identity theft business. If a keylogger is running on a loan processor's computer, all passwords, Social Security numbers of borrowers and their other personal financial information can be harvested. Once thieves have a borrower's personal financial information, they can open accounts in that person's name and borrow funds. They can set up fictitious borrowers, addresses, houses, credit reports, bank statements and even income verifications. Putting up fences Because the threats come from many different directions, security efforts must be widespread -- protecting data from both inside and out. Every mortgage institution that receives personal financial information needs to: -Develop policies and procedures to ensure against the loss or sharing of personal financial information. Policies should cover such things as access controls, password changes, access approval and more. Procedures should spell out actions to take if a compromise occurs. Along with this, employees must receive training so they clearly understand what information must be protected and how to protect that information. -Restrict access to paper files and limit employee access to information on a need-to-know basis. Using loan file numbers on documents instead of the borrower's name or Social Security number also provides confidentiality. -Shred documents so that information doesn't end up in a dumpster to be collected by thieves. -Erase disks and magnetic tapes to make sure data can't be harvested from them. -Encrypt data before it is sent. Encryption is an extremely powerful tool for protecting information that is exchanged online. Before messages are sent, the information is encoded using a mathematical formula that scrambles the data -- and ensures confidentiality. -Firewalls, anti-virus software and anti-spyware software are necessary to prevent unauthorized access to your information. -Automated underwriting can also be useful in fraud protection. Because many underwriting programs ask for more information instead of simply denying a loan, the additional information has, in some cases, identified fraudulent activity. -Fraud detection software can validate the borrower's identity, employer, financial information, property address, etc. By using historical data, this software detects fraud by making comparisons between loans and detecting activity patterns. -Automated valuation models can help identify fraud associated with inflated appraisals. -Centralized storage is an off-site central database that provides 24/7 security for your confidential customer information. The payoff is a healthy harvest As information thieves get more and more sophisticated, it becomes all the more imperative for mortgage institutions to embrace security at all levels. Even then, the moment you think you're totally protected, thieves will find another new way to get access to personal financial information. At times, it may feel like a never-ending battle just to stay in place. This is all the more reason to remain diligent with your efforts. By taking a proactive approach, you'll find that not only are you keeping the rabbits out of the garden, but your plants are flourishing and your long-term harvest of customers and closings will be better than ever. Ann Schmidt is vice president and director of business process with Greystone Residential Funding Inc. She may be reached at (888) 766-4734.
About the author
Published
Aug 01, 2007
Thrive With A Focus On Consumer Experience

Today’s borrowers expect a simple, fast, and convenient online process

Mar 18, 2024
Success Comes From Challenging The Status Quo

Be prepared, though, to weather storms of criticism and self-doubt

Mar 18, 2024
Clueless

Originators beg for training, few firms deliver

Mar 01, 2024
Meet a New Generation Of Spring Buyers — Gen Z

As the oldest Gen Zers turn 27, it’s time to pay them more attention

Feb 29, 2024
Hack The Funnel

A "likes" to "leads" to "loans" strategy to get the borrower first

Feb 29, 2024
Navigating The Real Estate Landscape

A SWOT analysis for mortgage brokers could be a valuable tool

Feb 29, 2024