Fidelity Security Expert Offers Tips to Protect Your Business

It’s estimated that by 2021, there will be more than $6 trillion in damages from cybersecurity attacks. That figure would surpass the costs associated with all natural disasters combined. Rick Diamond, Vice President, Agency IT Director at Fidelity National Financial, believes that cybersecurity is one of the fastest-growing threats and one that “will become the greatest threat to every person in the world in the future.”

Diamond recently joined Qualia during a Remote Qualia Live event to discuss why cybersecurity is more important than ever and how real estate businesses can protect themselves and their clients.

As demand for digital interaction rises, opportunities for cyberattacks grow 

“During the pandemic, the world has changed,” Diamond said. In the real estate industry, the change has been especially noticeable for closings. Contactless closing options have become a topic of priority as mortgage lenders, real estate agents, and title & escrow professionals navigated the safety of their clients. 

Diamond noted that consumers are not only demanding digital options for their safety, they are also expecting digital touchpoints. Homebuyers desire a more connected and empowered experience. “You need to be connected to consumers easily and in the ways that they actually want to be connected,” he said.

The demand for digital touchpoints is no longer just a nice-to-have, it’s a necessity. “Customers actively seek to buy from the most innovative companies,” Diamond said. For real estate brokerages and mortgage lenders who market directly to consumers, this means partnering with forward-thinking title & escrow companies. Tech-forward title & escrow companies can help them deliver the best digital experience from application through close. 

With higher digital expectations, comes more opportunities for digital threats. “Data security is more important than ever,” Diamond said. “And it is truly your responsibility.” 

Digital closings will create more intense cybersecurity standards 

Diamond referenced the CFPB’s increased oversight over NPPI (nonpublic personal information) several years ago. This oversight by the CFPB was primarily placed on lenders. In response to this increased regulatory oversight, lenders scrutinized their title partners more closely, who in turn scrutinized their software vendors and platforms. 

“With the advent of more digital real estate closings and RON (remote online notarization), this [oversight] is going to come back into play in a big way,” Diamond said. Fourth-party platforms, such as production software systems and eClosing platforms will need to meet stringent security standards. 

For more information on how to evaluate your technology providers, click HERE to read the 7 key due-diligence questions to find the best software partners. 

Baseline measures to protect your business from cybersecurity threats 

Diamond walked through a few key areas where businesses can meet baseline security standards and a few areas to up-level security protocols. 

Take measures to protect your business from ransomware 

“Ransomware attacks have become more prevalent than credit card theft for the first time,” Diamond said. He noted that ransomware attacks are the simplest and quickest way for criminals to make money and steal data. 

Businesses should take the following measures to protect themselves from ransomware predators:

1. Make sure networks are patched and up to date. (Patching means applying available updates for operating systems and applications. This is the most proactive thing you can do to protect your systems. In Qualia, these updates are done automatically.)
2. Backup your entire network and make sure the backup is kept offsite and is tested often.
3. Change any default passwords and use multi-factor authentication (MFA).
4. Segment your network to inhibit the spread of an attack across the entire organization.
5. Train your staff on what ransomware attacks look like and the common myths surrounding them.
6. Have a plan in place for when an attack occurs so you can act quickly to mitigate the damage.

Ensure you are communicating securely both internally and externally

Real estate transactions involve a number of external stakeholders and require communication between parties. These communication channels are prime opportunities for cybercriminals to intercept. 

Diamond recommended the following baselines for secure communication:

1.  Ensure all email communications are encrypted along with any attachments.
2. Do not allow employees to use personal emails on business devices.
3. Prohibit the use of flash drives and other removable devices which could contain malware.
4. Use secure portals to communicate (e.g. Qualia Connect).
5. Do not use personal email accounts for business purposes.

Train your staff on proper security measures while they are working remotely 

Since the onset of the pandemic, businesses across the country have transitioned to remote work. Home offices can open businesses up to vulnerabilities if employees are not trained on security measures they must take. 

Some remote work security practices every employee should apply are:

1. Configure Wi-Fi encryption at your home network.
2. Change your router login password. Often, routers include default passwords. These should be adjusted to long passphrases that are more than 10 characters long. 
3. When working in cafes and co-working spaces, employees should use VPNs instead of working on a shared network.
4. Maintain the same security routines that were conducted in-office. (For our simple daily security checklist, click HERE.) 
5. Turn on automated timeout sessions on software programs. 

Let your security standards be a competitive advantage

Diamond pointed out that putting time, money, and energy into security practices can be about more than just protecting your business. It can also be used to market yourself in an increasingly digital world.

“Don’t be afraid to brag about your security standards and practices,” he said. Businesses can use security as a trust-building tool to demonstrate the value placed on protecting data and systems. These communications are especially valuable during COVID-19 when clients are wary of work-from-home practices and digital tools that may be perceived as vulnerable band-aids instead of secure platforms. 

Diamond recommended placing banner advertisements on business websites with “COVID notices” that detail your business’ response to the pandemic and the security standards you have in place for digital closings. He also suggested sending an email to clients about what you’re doing to keep customers safe during the pandemic and including a footer on all communications pointing to your COVID-19 response plan. 

To learn more about how you can protect your business from cybersecurity threats with Qualia, click below to download our security whitepaper.