Archives: Security

Subscribe to Security RSS Feed

Heeding Momma’s advice, or dealing with the consequences

When we were children, our mothers told us to “eat a good breakfast,” “always eat your vegetables,” and “get plenty of exercise.”  As we grew older, their advice focused on more important life choices such as “don’t do drugs,” “don’t exceed the speed limit,” and “don’t hang out with the wrong crowd.”  Our mothers didn’t … Continue Reading

On My Soapbox—Is it Fair to Make Title Agents and Law Firms Prove Compliance with Best Practices?

For those in the title and legal industries, it can be more than a little annoying to have one’s role in representing lenders characterized as merely that of “third-party service provider.”  Title agencies and law firms perform the same trusted services for the lending community today—handling confidential bank client information and millions of dollars of … Continue Reading

“Beeeeeeeeeep… This Is a Test.”

Ahhh…the jolting sound that sometimes interrupts our prime-time television programming: This is a test.  For the next thirty seconds, this station will conduct a test of the Emergency Broadcast System.  This is only a test. Though they are prickly interruptions, we tolerate these tests because they are brief and, perhaps most importantly, we understand that … Continue Reading

News Flash – Finally, Some Good News for the Title Agent’s Future

In reviewing the recent blogs I’ve published on topics surrounding Best Practices and the pressures imposed on title agents by lenders and federal regulators, I realize most were anything but uplifting.  For this reason, I wanted to share a blog highlighting a recent industry-related publication that contains some good news and indications that there may … Continue Reading

Whatcha Gonna Do When a Data Breach Happens to You — Part 3 – FTC’s “Data Breach Response” Guidance Booklet

In a recent blog, I explored the importance of developing a damage-control plan in the event of a data breach.  Following that blog, I provided guidance for determining the applicable laws with which you must comply after a data breach has occurred.  Both blogs referenced industry experts who offered advice regarding what they thought was … Continue Reading

CFPB Updates Guidance on Lender Supervision of Third-Party “Service Providers”

On October 19, 2016, the director of the Consumer Financial Protection Bureau (CFPB) issued a new bulletin entitled “Compliance Bulletin and Policy Guidance; 2016-02, Service Providers.”  This bulletin is significant for the title industry because it reissues guidance from Bulletin 2012-03, which made it clear that financial institutions are obligated to ensure their business arrangements … Continue Reading

Preparing for the Proverbial Compliance Storm: There Should Be an App for That

If only there was a “Best Practices” app to let us know when your lenders will require a Certification of Compliance. With a “weather app” on your cellphone, rain should never come as a surprise.  One simply looks at the displayed radar images, clicks the “future” tab, and immediately sees where storms are headed and … Continue Reading

What’s the Weakest Link in Your Privacy Program?

In recent blogs, I focused on the serious consequences that arise in the event of a data breach.  Those consequences involve timely breach notifications to all your customers, dealing with inevitable regulator investigation, litigation, and the possibility of substantial fines.  However, probably of most significance, is the reputational risk, as a data breach would decrease … Continue Reading

Whatcha Gonna Do, Whatcha Gonna Do, Whatcha Gonna Do When a Data Breach Happens to You?

In my job, I have the privilege of speaking with title and settlement agents from across the nation.  At some point during our conversations, those agents who have just been certified as compliant with ALTA’s Best Practices will usually voice something similar to the following: “I recently upgraded my server, and each of my office … Continue Reading

Are You Doing Enough to Protect Your Customer’s Information?

Few firms feel confident enough to assert that their offices’ security procedures are “exceptional.” However, most firms that have implemented some degree of security controls would probably feel comfortable affirming that they exercise “reasonable data security.” Nevertheless, that phrase is vague and ambiguous. What amount and type of controls are enough to be deemed “reasonable?” … Continue Reading