Is your mortgage company encrypting the hard drives of the devices it uses to conduct daily business? Here’s a better question: Could your mortgage company withstand the potentially catastrophic fallout that would occur if a computer containing confidential client information was stolen and fell into the wrong hands? What about the regulatory repercussions and lack of customer confidence that such an event would cause?
Implementing hard drive encryption today could save you from potential disaster tomorrow.
The Importance of Protecting Your Data
Securing your computers with passwords or behind locked doors is not enough. Passwords may stop an unauthorized person from logging into one of your computers, but it will not stop them from stealing the entire computer. Once they have the computer, accessing any file on your hard drive is easy. Anyone with the right knowledge or tools can bypass the operating system security and access the files directly.
Consider for a moment what kind of confidential information your mortgage company gathers on its clients: social security numbers, birth dates, addresses, employment history, and credit history. Now, imagine if all that confidential data was stolen. In the right hands, this data could lead to hundreds of thousands of dollars in financial losses to your customers, and to your company.
Identity theft is serious business, and keeping your client data safe from theft is a serious part of your business. This is why mortgage industry regulators strongly recommend that mortgage companies encrypt the hard drives on all computers used to handle client data.
How Much Encryption is Enough?
Encrypting specific files or types of files is a good start. Unfortunately, due to the way in which computers access and handle data, anything short of full drive encryption is simply not enough.
Encrypted files on an otherwise unencrypted drive must be unencrypted on the fly by the operating system. These files, or pieces of them, are then stored in an area of the hard drive known as the swap file for easy access and editing once they are opened. For example, if you have ever used the undo function in Microsoft Word or Excel, it is the swap file that makes this possible.
Files and pieces of files in this area of the disk may linger for a considerable amount of time, leaving them vulnerable to access by anyone who can get to the unencrypted part of the file.
The unencrypted part of a partially encrypted drive can also be used as a sort of “back door” to access and circumvent the encryption. This vulnerability can be easily exploited by a fairly inexperienced person with the right software tools.
It is for these reasons that mortgage industry regulations now require businesses to use full disk encryption of all data on laptops and other devices. As such, full drive encryption is the only real option to both protect your confidential data and maintain full regulatory compliance.
Drawbacks of Encryption
Unfortunately, this level of security does come at a cost and with considerable risk.
There are a number of ways you can permanently lose access to the data on your computer or effectively ‘brick’ your computer during or after encrypting the drive. For instance, if you suffer a power outage or system failure while encrypting a drive, you will almost certainly lose the data on that drive. If you lose or forget the password that you used to encrypt your drive, you will be effectively locked out of your drive. If the encrypted drive becomes damaged or the data becomes corrupted, you can also permanently lose access to your data.
We Can Help
ABT can help you avoid those potential pitfalls while assuring your customers—and regulators—that client data at your mortgage company is being protected by a state-of-the-art security solution.
Our DeviceGuardian™ PC and Device Protection technology will ensure mobile device management for all of your computers and mobile devices. We make sure you are fully compliant with Financial Protection Bureau (CFPB) regulations by providing cutting-edge enterprise security and data encryption to protect your sensitive client data.
ABT is your one-stop IT provider with the specialized services and 24/7 support you need to take your mortgage company to the next level.
Contact us to today to discuss the many ways we can manage your specialized IT needs.