What do JPMorgan Chase, Home Depot, Michaels Stores, Target and Dairy Queen all have in common? Theyâ€™ve all been hacked.
The JPMorgan security breach alone affected about two thirds of American households â€“ about 76 million. The breach also included seven million small businesses.
Operating from overseas, hackers often compromise clientsâ€™ names, phone numbers, email and physical addresses and more, and it seems to be happening more and more.
As a small business owner how am I supposed to protect my company and clients’ data if companies as large as Chase are unable to prevent an attack?
Being a private lender and a loan servicer myself, the recent data breaches at many of the largest corporations keeps me up at night.Â How can a small business increase their security without the large IT staff?
At Fairview Lending, our solution was to use our best-in-class partners to help secure our data.Â Here are four steps we learned through this process that everyone in the mortgage industry needs to take to ensure both you and your clientsâ€™ financial data is safer.
These steps are critical for anyone in the real estate arena since we commonly handle financial statements, social security numbers and other valuable and sensitive data.Â Obviously this is not an all-inclusive list and people still need to use common sense.
- Use Dual Authentication: Dual authentication requires two passwords to allow a user access.Â For example to log into one our banks we put in a user name and a text is sent to us with a unique passcode, the passcode is entered from the text and then we are able to enter in our password.Â The vast majority of systems now utilize this methodology from banks to service providers.Â To setup, it is usually as simple as requesting it from the provider. Having dual authentication almost eliminates the issue of a password being stolen since the hacker would also need your cell phone.
- Encrypt: Encryption basically encodes a drive that is unreadable without a â€œkeyâ€.Â Â This is one of the strongest forms of data security.Â In laymanâ€™s terms it makes the drive unreadable without the proper password.Â For example, if a laptop was stolen and the drive was encrypted, the data is protected.Â Everyone with a laptop should encrypt their drive.Â There is a free file encryption in Windows 8 (called Bitlocker) that is easy to use, hardly noticeable and just needs to be activated with a few simple steps.
- Do not use public hotspots: Many times when you are out in public (think Starbucks, McDonalds, hotels) you need to get online and these locations offer free internet connections.Â What a bargain, right?Â Unfortunately as a user on a free open network, your data is susceptible.Â Last weekend I was at a real estate conference, I went to get online and there were three â€œguestâ€ networks available.Â One could easily be a person next door that setup a network labeled guest.Â If I connect to that network they can skim any data I am sending.Â So what do you do?Â Turn on the hotspot on your phone and give it a unique name.Â This way you know you are connecting to a trusted network
- Protect your cell phone with a password:Â As professionals, Iâ€™m assuming most people have email on their phones, and emails often include sensitive information.Â Along with protecting your laptop, ensure you use the passcode on your phone.Â There is also a setting on iPhones to erase the phone data after 10 failed attempts.
The above tips are not a substitute for common sense (you still should not click on the e-mail to verify you are the distant relative of Prince Ukalaly, and sorry to say you did not just inherit the million dollars), but they will make you and your clientâ€™s data considerably safer.Â In the new age we live in these are not optional steps.Â Your clients have entrusted their personal information with you; are you doing your part to protect it?