Protecting Realtors® from data breaches

Most of us think a data breach would never happen to us, that it only happens to large-scale businesses. That’s far from the truth, and it’s crucial to keep your data as secure as possible.

Mike Barton, president of Allstate Business Insurance, said the most important thing a Realtor® can do is be “smart” about the information you store.

“If you don’t need something for a legitimate business purpose, don’t collect it and don’t store it. Make sure you know what data you collect, where and how you store it, who has access to it, and make sure you have a written data disposal policy and procedure to manage and properly dispose of private information when you don’t need it anymore,” he advised.

To stay secure, Barton has a few suggestions:

• Keep your computer software and security up-to-date. “It’s much easier to break into older operating systems like Windows XP or OS X 10.6. Take advantage of the major security improvements built into newer operating systems.”
• Make sure only authorized people with legitimate business needs have access to sensitive information. Store paper records with private data in a locked file cabinets and control access. Require employees to properly secure files each night and shut down their computers at the end of the day.
• Consider running background checks on new employees.
• Don’t keep sensitive information in your car when you are showing properties or on personal time. And keep laptops out of view – they are a common target for thieves.
• Establish a mobile security strategy. Realtors® increasingly depend on laptops, tablets and smart phones, and their small sizes and portability make them especially attractive to thieves. Help secure private information on mobile devices by requiring strong passwords to access mobile devices or sensitive data on any device. You also might consider applications that enable remote locking or data wiping of missing or stolen devices.
• You should require all data be encrypted, including data at “rest” and “in motion.” Encrypt your email, too, if private information is ever sent by email.
• Think beyond passwords. Realtors® should never reuse them or trust any website to store them securely. You can’t tell if a website has already been hacked and your password has been exposed. Consider using two-factor authentication, which sends a secret code to your phone to verify your identity.
• Secure your computer browser. About 90 percent of hacking attacks are attempts to exploit Java applets and other browser security issues. The latest browsers are much improved, so be sure you’re up to date with the latest browser version.
• Secure the router that connects your computer to the Internet, and make sure data can’t be intercepted. Set a strong administrator password on your router and a WPA2 password on your Wi-Fi.
  Don’t store private information on any computer or device with an Internet connection.

Have any tips to add?