Hackers are more persistent now than ever before, and they’ll stop at nothing to get at your sensitive data. International hackers are now specifically targeting mortgage companies because of the wealth of personal information contained in their systems. Mortgage businesses are among the largest security targets, due to the fact that they deal with the largest amount of personal information that can be used for identity theft.
Fortunately, protecting your mortgage business from security threats is possible, and though it may seem like common sense, strong passwords can be a crucial line of defense. Access Business Technologies (ABT) has a few recommendations for keeping your organization secure through strong passwords.
The most important thing to remember about passwords is to change them regularly—at least once every three months. Having the same corporate or personal password for years and years leaves you very vulnerable to a security breach. Keeping the same password increases your chances that a previous hack, or attempted hack, that captured your password could be reused to finally crack your systems. If you systems don’t automatically force you to change your password, make sure to set a calendar reminder to change your password on a regular basis, and require your entire staff to do the same.
The next step to creating a secure password is to make sure it is has enough characters. Each additional character you use makes the password more secure and exponentially more difficult to crack. In particular, if you are choosing from the 26 letters, 10 numbers and 10 symbols in your password selection, you have an enormous amount of combinations. With just 2 characters you have over 70 trillion different combinations. Even though this sounds like a lot, a decent computer could use "brute force" to try every combination in just a few hours and eventually crack your password. However, if you use 8 characters, as is now standard, you would have 3.5 x 10 to the 41st different combinations. Computers today are simply not powerful enough to try every possible combination to guess your password in reasonable amount of time.
We recommend that users have passwords at least eight characters long, utilizing a combination of symbols, numbers, and letters. Case-sensitive passwords with uppercase and lowercase letters can also expand the universe of potential passwords, making yours even more secure.
Although the number of combinations for a given password is very large, hackers know that you will not usually use a randomly generated password. Instead, you will use familiar names, words, and numbers. For that reason, it is important not to include your own name, your birth date, or your company name. In fact, using an incomplete word is best of all. If your favorite baseball team is the Boston Red Sox and you want to incorporate it into your password, you might use "BOstOnrEdoX!04.” While this combination would make sense to you, with the "S" missing from Sox and the 04 indicating the first year that they won the world series, a computer algorithm would have a much tougher time guessing this combination.
Another trick is to replace symbols for letters. These are easy for us to read but difficult for computer programs to guess. For example, substitute 3 for E, $ for S and @ for A or the word "and." For example, "best" could become "b3st", "standard" becomes "$tandard," and "badminton" becomes "b@dminton." Together, these tricks make your password much more difficult to hack.
Lastly, try to make sure that each password you choose is different from the previous ones that you have used. Each time that you change a password, use different semi-familiar words with different combinations of symbols, uppercase letters, lowercase letters and numbers. Make sure that each category is represented each time that you change passwords.
ABT is a leader in keeping mortgage businesses secure through our unique cloud platform. Remembering many different passwords, especially when they’re changing frequently, can be hard. Fortunately, ABT's MortgageWorkSpace® solution has a single sign-on (SSO) feature that securely stores all of your passwords in one place, so you only have to remember one “Master Password.” MortgageWorkSpace® also offers multi-factor authentication (MFA), which is now required for mortgage companies and which, in combination with SSO, further reduces potential security risks. For more information on how you can use our platform to help your business succeed and stay safe, please contact us.