Your team members need to be mobile, so they can do their jobs effectively. This means remote access to your company’s server, client files and emails. But what happens if an agent’s device falls into the wrong hands? Or what if you’re hacked?
As a real estate broker, you need to be aware of the security issues that can arise from your remote team. Here are some protective measures you can put in place to prevent major disruptions to your business.
What Can Go Wrong
If your team members are using unsecured wi-fi networks while out of the office, this can pose a risk to your business. Eavesdroppers can obtain information across these unsecured networks. This can include important data such as passwords, email messages which haven’t been encrypted and other online activity. This poses a risk not only to your team and business, but also to your clients because their personal details are likely on your system.
Hackers may gain the ability to hijack your private emails and/or social media accounts, commonly through infected thumb drives or email attachments. When this happens, you could find that emails are being sent from your team’s email addresses that are inappropriate, offensive or with fraudulent intentions — and your team may not even know they’ve been hacked.
While agents are out in the field at open houses and meetings, there’s potential for stolen devices. If not secured effectively, this could mean third-party access to anything and everything on your server — important client information, confidential business information, accounts, emails and sensitive data.
If agents aren’t backing up their work to your server or a cloud-based solution, they could lose important data if the device is stolen or accidentally damaged.
If one of your team members loses important client data and a breach of privacy occurs, you and your agent could be facing a lawsuit. To avoid legal action, it’s critical to have effective security measures in place within your company.
Cloud Storage — the Pros and Cons
Cloud storage solutions have become more user-friendly and cost-effective. Real estate professionals who want to get their business running like the ease of setup, without the need to purchase expensive servers and equipment.
With cloud storage, you may not need additional storage for your computer equipment, you have a cloud backup in case your device is damaged or becomes unserviceable, and you can easily integrate your cloud storage software with other programs.
However, if you use cloud storage, the main disadvantage is that you’ll be providing third-party access to basically all the data you own as a business. That includes your data and your client data. If that third-party cloud software company is hacked, you’re also vulnerable, and. the potential for a lawsuit from an angry client greatly increases.
The other disadvantage of using cloud storage — somewhat minor in comparison to hacking — is that your team will need to be online and connected to the internet to access documents from the cloud. This is usually only an issue in remote areas where Internet access may not be available. In most cases, your team will be able to create a personal hotspot with their smartphone or connect to a secure wi-fi connection.
Protective Measures and Tips to Stay Safe
Here are tips to keep your business and client data safe, even when your team members are remotely accessing your network.
Ensure your team uses password protection on all devices
This means pin locks for smartphones and tablets and secure passwords for laptops. To enhance your data security, you could also establish a password policy which ensures that your team:
- Changes their passwords regularly
- Creates sufficiently complex passwords to prevent others from guessing their passwords
Consider two-factor or multi-factor authentication for maximum security
Two-factor or multi-factor authentication can prevent unauthorized access to your system by asking for additional information to confirm your team member’s identity. This could be an automatic code sent to the cell phone of the team member or screening questions that team members have to answer to verify their identity.
Establish an account lock-out policy
If an incorrect password is entered too many times, have systems in place to lock-out the account to prevent unauthorized access. This can protect your data in cases where an agent’s device falls into the wrong hands.
Mandate that all devices have appropriate malware and virus protection
Malware and virus protection is an essential barrier to dangerous viruses and external threats. As an organization, ensure that your team has appropriate protection and regular updates are done on all devices.
Check what information downloaded Apps can access
Some apps can track location, and access emails, social media accounts, and photo reels. Some can even post messages on behalf of the user. Beware of apps which can access detailed personal or confidential business information. Advise your team only to download apps from reputable developers.
Use a Virtual Private Network (VPN) to facilitate access to your server
A VPN uses encryption and enhanced security protection measures to ensure that only authorized persons can access your network. This encryption allows users to send and receive information securely without interception — an ideal solution for connecting your remote team to the network.
Tell your team to turn off Bluetooth when not using it
If they don’t need to access wi-fi or Bluetooth devices, tell your team to turn these features off when out and about.
Install device-tracking software
If a device is lost or stolen, it can be tracked if you’ve already setup device-tracking software, such as “Find my iPhone”. And you’ll be able to remotely delete all data from the device if it can’t be recovered.
Insurance Protection for Your Real Estate Team
It’s essential to have adequate insurance in place in case something goes awry with your team remotely accessing your servers. Security breaches can happen. If your client’s confidential data is accidentally hacked or shared, or they’re in any way disadvantaged due to a security breach, you could face a lawsuit and costly expenses for client damages. Even when you’re dealing with real estate agents who are independent contractors working for your business, you can still be held liable.
CRES has 3 options for cybersecurity coverage for your real estate office:
- $50,000 Cyber Notification coverage as part of your Real Estate E&O “Broad Form” endorsement. This covers the insured (“first party”) for client notification costs due to a data/security breach.
- $50,000 Cyber Liability Damages and Defense Costs of first (You) and third (Clients) parties affected by a data breach. (Just $35 for $50,000 coverage for one licensee, or increase coverage to $100,000 or $250,000.)
- Comprehensive Cyber Liability separate policy for broader coverage against events like ransomware and wire fraud, including the actual transfer of money or security.
To find out more about CRES Team Coverage, Cyber Liability Coverage and more, contact the friendly CRES team at 800-880-2747.