The digital threat landscape for mortgage companies is enough to unnerve the most stalwart IT professional. Reviewing threat alerts is part and parcel of asking yourself the question, can you defend your mortgage company from ALL of today's threats? Well, we're here to help. Here are three tips that might just aid you on your way.
1. Be Proactive When it Comes To Your Company’s Data
Today's mortgage companies do more and more business online. To monitor your company’s IT security means monitoring multiple platforms of threat alerts. On an ongoing basis, mortgage companies need to be diligent with understanding the following as they relate to your everyday operations:
- Viruses
- Malware and Ransomware
- Websites and IPs to whitelist/blacklist
- Updates for apps
- Security alerts for O/S
- Scams (which often result in all of the above)
2. Know What Cyber Threats are Out There
A sophisticated malware campaign that threatened company IT networks with multiple intrusions has been doing so since April of 2016 . These cyber criminals have stolen administrative credentials, certificates, and then made multiple implants of several types of malware that attack critical IT systems. The campaign targeted multiple victims across multiple sectors. Depending on what security defenses are in place on a targeted organization's networks, the cyber criminals may gain full access to the organization's network, including the data stored there.
Additionally, because the malware uses stolen administrative credentials, a target's monitoring tools—put in place to protect its networks—may view the intrusions as coming with authorized access. This will unfortunately circumvent security protocols, as the incoming threat will not be recognized as such. What’s the moral of this story? If you’re going to have tools, make sure they’re smarter than the threats that can trick them.
Sectors targeted include Information Technology, Energy, Healthcare, Public Health, Communications and Critical Manufacturing. While these are some of the more commonly affected industries, no industry is truly safe.
The United States Computer Emergency Readiness Team issued Yellow Threat Level Alert (TA17-117A) with respect to this particular campaign.
- Understand and Use the Right Tools for Your Business
The following tools are available to help fight malware intrusions.
- MXToolBox. This internet tool allows you to identify the domain name if you know the IP address (known as reverse lookup). Reverse lookup means you can find websites from the known IP addresses of intruders. You can also do a forward lookup to find the IP address from a particular domain name.
- ForcePoint/WebSense: This company specializes in computer security software that helps protect data and networks from attacks inside and outside the organization, in the Cloud, and on mobile devices.
- Webroot: Manages endpoints (computer, mobile devices, printers, POS terminals, etc.) anywhere, anytime, online. Delivers threat data in real-time. Continuously collects data, analyzes it, and makes correlations.
- Software Restriction Policies: Software Restriction Policies are trust policies developed by the network administrator that keep scripts and codes—that the administrator finds not entirely trustworthy—from running. Software Restriction Policies integrate with Microsoft's Active Directory and Group Policy. Administrators may use Software Restriction Policies to create highly restricted configurations on computers that only allow certain applications to run.
- Intune: Microsoft created Intune to manage mobile devices, mobile applications, and to manage PCs from the Cloud. Intune keeps corporate data secure while allowing an organization's employees to access the data anytime, anywhere, and from almost any device.
- Sonic Wall: Sonic Wall is a powerful firewall security tool. It protects networks against viruses, spam, spyware, intrusions, and various other threats. It scans and inspects all the traffic in the network using deep packet technology (that is, looking at the data part of a packet when it passes an inspection point). Designed to protect many kinds of businesses from retailers to organizations with branch offices, from medium-sized organizations to large enterprises.
- Sonic Winds: Sonic Winds has a line of products that help manage networks more efficiently, including security and compliance products, such as its log and event manager, to quickly identify security incidents. Sonic Winds also creates reports that make regulatory compliance a breeze.
Remember the recent WannaCry ransomware attack? Experts can all mostly agree that being proactive with your threat management is the best way to avoid threats. Also, having tools in place create a far more ideal outcome for your company than waiting for an attack to happen and then doing something about it.
To find out how ABT can help your mortgage company put up the good fight against the seemingly endless security threats, contact us. ABT has many recommended practices in place, such as website filters, app whitelisting, password policies, account control (limited admin access for users), workstation management (DeviceGuardian™ for major clients) server patching, change control, and network firewalls. Having ABT's Mortgage Technology Experts on your side helps you leverage all of their tools. ABT has over 50 years of IT management in the mortgage sector and we will help secure your mortgage company beyond the banking standard.