In today’s highly digital world, much of our business communications take place over email. The mortgage industry, especially, relies on email to communicate with clients, send and receive important documents, and to transmit customer information. However, with email comes a lot of security vulnerabilities that put your mortgage company at risk of contracting malware or having your sensitive communications intercepted by hackers. Email security is vitally important, and it is necessary to establish a strong email security policy that provides proper guidance for your loan officers on how to handle email communications.
Here are some important aspects every email security policy should have.
-
Content Control
Company policy should clearly state what is appropriate and what is not appropriate to send in the name of the company. This includes the obvious limits, such as restrictions on content which may be considered racist, sexist, etc., but it also needs to address operational aspects such as release of confidential information, when/if encryption is required, and when sending information over email is prohibited.
-
Email Retention
All email must be retained for a specified period of time. In some cases there are legal requirements to consider, but often your mortgage company may want to retain emails for longer periods of time to have as a reference. No one would question a company practice of filing paper correspondence for a period of years, and the same should be true of email retention. In fact, it is far easier to retain emails than it is to retain paper records, and every bit as important.
-
Content Monitoring
All employees need to be aware of and agree to a corporate policy that all email sent from company systems or from company addresses are subject to monitoring at all times. This provides the company itself with a tool to review any and all communication in the event that a problem arises as a result of email. It also causes employees to stop and think before they send an email and causes them to remember that they are communicating on behalf of the company.
-
Outlined Limitations
Company email policy needs to address all situations in which email sent or received by an employee can become a liability. This includes protocol for sending customer information via email, opening attachments, and the use of personal devices for business purposes. It may be difficult for a company to predict every possible situation where email can pose a threat to security, but it is important that the company at least be able to describe minimum acceptable email behavior. If business management cannot describe limitations on email protocol, they cannot reasonably expect their employees to either.
-
Regular Policy Review
Your policy should be reviewed periodically. As new technology comes into use, new issues such as encryption or potentially dangerous email attachments must be considered. A policy should be seen as a living document. It must be responsive to current business practices and requirements.
At Access Business Technologies, we offer mortgage companies the tools to ensure email security in their workforce. With solutions like EmailGuardian™, your emails are protected from spam, viruses, malware, phishing, data leaks and email transmission encryption policies. It also offers unlimited archiving so you can retain emails for as long as you wish, as well as seamless email continuity to provide uninterrupted access to emails, even in the event of any outage. These tools support your email security policy with technology that makes it simple for your loan officers to make smart, secure email exchanges. For additional assistance with developing a robust and comprehensive email policy or finding the tools you need to make your email security a priority, please contact us.