Delving Deeper Into Data Protection

first_imgMReport // How are you ensuring IndiSoft’s data is secure?                                                                            Devare // There are several ways we ensure our data is secure including requiring strong password login access to folders on our system and organizing data in separate categories so that needed folder permission can be assigned based on sensitivity of the data. We also encrypt some data so unauthorized users cannot access it. As discussed, proper data destruction is key so we employ rigid controls for it—instead of using the delete command, we always use secure data removal tools. In addition we do some basic things that some companies sometimes overlook such as using anti-virus, anti-malware protection, disabling Wi-Fi, Bluetooth, and cameras when they are not being used and of course not downloading or installing apps from unknown sources. MReport // How will well-known hacks, such as with Equifax, impact consumers’ willingness to provide their data?                                                                                                                                                                                Devare // The Equifax data breach along with other breaches through retailers such as Target and Whole Foods has shown us just how vulnerable data can be. Consumers are willing to provide data when they trust an organization, however these recent data breaches have shaken customer confidence and are likely to affect how willing consumers are to provide data in future. Now more than ever companies need to take the federal and state data protection laws seriously.Mortgage professionals should learn that secure data storage and disposal is just as crucial as secure data collection. Data storage requires the appropriate secure control mechanism for complete protection and it can be achieved. Another important aspect of data protection is securely and completely destroying data from unused servers and computers. When a customer’s trust is lost, it is difficult to regain it in a short period of time. Therefore, it is important that mortgage professionals create and maintain trust around privacy, security, and data protection. In this month’s MReport cover story, Threat Assessment, we outlined the top five ways hackers are gaining access to sensitive data that not only comprises mortgage companies but consumers as well. Now, we are going beyond the pages to give you even more insight into this complicated topic by going straight to a respected expert in the field—Ramesh Devare, who manages security applications at IndiSoft. in Daily Dose, Featured, News, Technology MReport // In what ways is consumer data is being compromised?                                                                Devare // There are numerous ways consumer data gets compromised including when it is accessed by unauthorized users, is not disposed of securely, is handled improperly (not maintained in a secure enough environment) which leads to data leaks, and when computer hard drives are not properly erased before the equipment is retired. HOUSING Indisoft mortgage news Ramesh Devare 2017-11-10 Rachel Williamscenter_img Delving Deeper Into Data Protection November 10, 2017 649 Views MReport // What common mistakes do you see companies make in the way they secure their data?Devare // There are few common mistakes made in the way companies secure their data including:Inappropriate domain account set upUsing default password instead of setting up new passwordNot changing password regularlyNot having strong passwordSharing administrative password or privileges with othersSharing folders with others without setting up appropriate access permissionNot implementing complete solutions for data protection and encryptionNot setting up data retention and data disposal guidelines properlyComputers/servers not upgraded to latest technologyNot performing enough network and application vulnerability and penetration testingUsing old operating system versions, which does not provide enough protection for dataNot applying security patches timelyNot aware or follow recent security challengesNot testing network or access controls for negative scenariosNot reviewing wired and Wi-Fi network regularly for unauthorized access or loop holesNot reviewing and refining access control regularlyNot implementing needed data protection laws recommended by federal/state governmentNot implementing privacy, security, data protection and non-disclosure policiesTo learn more, be sure to read MReport’s November Data & Analytics issue, available now. Sharelast_img read more