This article was previously published in November 2015 blog post from the National Association of REALTORS®.
By 2019, cybercrime will cost businesses an estimated $2 trillion annually. Don’t be a part of that statistic! Implement the following best practices to safeguard you, your clients, and your business from online criminals.
Best Business Practices: Develop and enforce formal policies for ensuring data security.
- Create, maintain and follow a comprehensive Data Security Program* and Document Retention Policy.*
- Avoid storing clients’ personally identifiable information for longer than absolutely necessary. When you no longer need it, destroy it.
*Checklists and sample materials can be found in the NAR's Data Security and Privacy Toolkit available to download for members.
Best Email Practices: Unsecure email accounts are open doors to cyber criminals. Follow these guidelines to help keep that door securely shut and locked tight.
- Whenever possible, avoid sending sensitive information via email. If you must send sensitive information via email, make sure to use encrypted email.
- If an email looks even slightly suspicious, do not click on any links in it, and do not reply to it.
- Clean out your email account regularly. You can always store important emails on your hard drive.
- Do not use free wifi to transact business.
- Use strong passwords and change them regularly.
Best Transaction Practices: Real estate transactions require flurries of information between numerous parties. This makes for primetime opportunities for fraudsters. How do you secure your deal?
- From the very start of any transaction, communicate and educate. Get all parties to the transaction up to speed on fraud “red flags,” and make sure everyone implements secure email practices.
- When wiring money, the person doing the wiring should pick up the telephone and call the intended recipient of the wired funds immediately prior to sending the funds in order to verify the wiring instructions.
- Remember to use only independently verified contact information.
Best Damage Control Practices: It’s happened. A breach of data, a successful scam, a hack. What to do?
- If a money wire has gone out, immediately contact the bank to try and stop the funds.
- Notify all affected or potentially affected parties. Many states have data breach notification laws.
- Change all of your passwords. If possible, change usernames as well.
- Talk to your attorney and call the authorities.
- Report the breach to the FBI Internet Crime Complaint Center: http://www.ic3.gov/default.aspx
- Report to your REALTOR® Associations.
NAR's Data Security and Privacy Toolkit has great information on protecting yourself, your business, and your clients from cyberfraud. Best of all, it's free to download for members.