Presentation is loading. Please wait.

Presentation is loading. Please wait.

Welcome to BP Boot Camp!. Christopher J. Gulotta, Esq. Founder & CEO Real Estate Data Shield, Inc. 271 Madison Avenue Suite 700 New York, NY 10016 212-951-7302.

Similar presentations


Presentation on theme: "Welcome to BP Boot Camp!. Christopher J. Gulotta, Esq. Founder & CEO Real Estate Data Shield, Inc. 271 Madison Avenue Suite 700 New York, NY 10016 212-951-7302."— Presentation transcript:

1 Welcome to BP Boot Camp!

2 Christopher J. Gulotta, Esq. Founder & CEO Real Estate Data Shield, Inc. 271 Madison Avenue Suite 700 New York, NY

3 Non-public Personal Information (“NPPI”): –Personally identifiable data such as information provided by a customer on a form or application, information about a customer’s transactions, or any other information about a customer which is otherwise unavailable to the general public. –NPPI includes first name or first initial and last name coupled with any of the following: Social Security Number Driver’s license number State-issued ID number Credit or debit card number Other financial account numbers

4

5 1.Gramm-Leach Bliley Act (GLBA) 2.Federal Trade Commission (FTC) –Privacy Rule (1999) –Safeguard Rule (2003) –Disposal Rule (2005) 3. Consumer Financial Protection Bureau (CFPB) –April 2012 Bulletin –Supervisory Highlights (2012) 4.Office of the Comptroller of the Currency (OCC) –Interagency Guidelines Establishing Standards for Safeguarding Customer Information (2001) –Third Party Relationship Bulletin (Oct. 2013) 5.Federal Reserve System –December 5, 2013 “Managing Outsourcing Risk” Bulletin 6.American Land Title Association (ALTA) –“Best Practices” for Title Insurance and Settlement Companies Version 2.0 (Jan 2013) 7.State Agencies & Regulators (State Attorney General, Department of Insurance, Attorney Professional Codes of Conduct) 8.Lender mandates

6 Enacted date: November 12th, 1999 Effective date: November 18 th, 2000 Compliance date: July 1 st, 2001 Tasks the FTC and other agencies that regulate Financial Institutes to implement regulations to carry out GLB’s financial privacy provisions. Covers “financial institutions” Real Estate Settlement Service Providers (e.g., Title and Settlement companies) included in definition of “financial institutions” as they are “significantly engaged” in financial activities. Gramm-Leach Bliley Act (GLBA)

7 1999 – FTC Privacy Rule (16 C.F.R. § 313) Financial Institutions are required to provide “a clear and conspicuous notice” (i.e. a “Privacy Notice”) to customers/consumers that accurately states the company’s privacy policies and practices 2002 – FTC Safeguards Rule (16 C.F.R. § 314) Financial Institutions are required to develop a written information security plan that describes their program to protect customer/consumer information Preamble to Rule identifies “employee training and management” as one of the three areas essential to ensuring information security within a business 2005 – FTC Disposal Rule (16 C.F.R. § 682) Financial Institutions are required to properly dispose of all customer/consumer information by taking “reasonable measures” to protect against unauthorized access to/use of the information Reasonable measures = burning/pulverizing/shredding papers so that the information cannot be read or reconstructed; destroying or erasing electronic media

8  The FTC is tasked with enforcement of the GLBA and the Security of Customer Information  “Financial institutions” includes any businesses, “regardless of size, that are significantly engaged in providing financial products or services” (Real Estate Settlement Services Companies are included in FTC examples of such companies).  Requires companies to develop a written information security plan that describes their program to protect customer information.  Plan must be appropriate to size and complexity of company, nature and scope of activities, and sensitivity of customer information handled. FTC Safeguards Rule 16 CFR Part 314 (May 2003)

9 Must:  Designate employee to coordinate information security program  Identify and assess risks to customer information and evaluate effectiveness of current safeguards  Design and implement a safeguards program and regularly monitor/test it  Select service providers to maintain safeguards and oversee handling of customer information  Evaluate and adjust the program in light of relevant circumstances FTC Safeguards Rule 16 CFR Part 314 (cont.)

10 FTC recommendations include:  Employee management and training for information handling;  “Regular” Risk assessment of systems, networks, and software designs;  “Periodic” monitoring and testing of safeguards (e.g. penetration testing of network access);  Upgrade information security program when necessary;  Checking references or conducting background checks before hiring new employees;  Require employee to read and sign company privacy policies FTC Safeguards Rule, 16 CFR Part 314 (cont.)

11 FTC recommends continued: Using strong password practices, screen savers and “appropriate use” policies for laptops, smart phones, tablets, etc.; encryption; Locking offices and file cabinets; Regular training of staff; Disciplinary measure for staff who security polices; Preventing terminated employees from accessory networks and data bases.

12  In 2004 a hacker used a common website attack to obtain unauthorized access to Nations Title’s computer network.  In 2005, a Kansas City television station found documents containing NPPI in an unsecured dumpster.  Title company disposed of confidential customer information in a unsecured dumpster and hackers exploited security flaws in the company‘s network  FTC reinforces its position that Title companies are “Financial institutions” and fall under the GLB Act and are thus subject to GLB & FTC consumer privacy obligations.

13

14 OCC Bulletin OCC October 30, 2013 “Third Party Relationships” Bulletin

15 In the new 2013 OCC Third Party Relationship Bulletin, the OCC speaks of “lessons learned” over the 12 years since the publication of their 2001 OCC Third Party Relationship Bulletin. Those “lessons” include: (i) The increased use of outsourced service providers; (ii) The increased complexity of the vendor relationship; and (iii) The increased use of technology and the increased inter- connectedness of third-party providers and banks.

16 These factors have combined to create a higher level of “safety & soundness” risk and the OCC has concern that banks may have generally failed to: Properly assess the risks associated with the use of such third party providers; Perform adequate due diligence and on-going monitoring of these relationships; and Appropriately enter into agreements with Service Providers after properly assessing the third party’s internal risk management capabilities.

17 Critical Activities: The OCC now expects “more comprehensive and rigorous oversight of relationships that involve critical activities-significant bank functions (e.g., payments, clearing, settlements, custody) or shared services (e.g., information technology)” or other activities that could “have significant customer impacts.” –That the OCC has effectively created a new category of higher-risk services or activities, which include “settlements” is significant to our industry and puts lender banks on notice that their management of our industry practices is subject to the highest level of regulator scrutiny.

18 Information and Physical Security: As in their 2001 Interagency Guidelines Establishing Standards for Safeguarding Customer Information (the “2001 Interagency Guidelines”), this Bulletin specifically addresses the need to assess a providers’ information security program (including vulnerability and penetration testing). Safeguarding Customer Information, Non-Public Personally Identifiable Information (“NPPI”) and Compliance with the Gramm-Leach-Bliley Act (“GLBA”): Again, the OCC reinforces its expectations that banks ensure that their Third Party relationships take all measures required by the 2001 Interagency Guidelines and as set forth in the GLBA to protect and safeguard customer information and consumer non-public personally identifiable information and that the banks themselves should monitor and audit for privacy compliance, including business resilience and continuity planning, procedures and systems.

19 This Bulletin represents the third regulator bulletin in less than two years cautioning lenders about the risk and responsibilities associated with using “Service Providers” Risk From Use of Service Providers: –If not managed effectively, the use of Service Providers may expose financial institutions to risks that can result in regulatory action, financial loss, litigation, and loss of reputation. Service Providers Risk Management Programs: –A financial institution's Service Provider risk management program should be risk-focused and provide oversight and controls commensurate with the level of risk presented by the outsourcing arrangements in which the financial institution is engaged. Risk Assessment: –A financial institution should conduct an evaluation of and perform the necessary due diligence for a prospective Service Provider prior to engaging the Service Provider. Operations and Internal Controls: –Financial institutions are responsible for ensuring that services provided by Service Providers comply with applicable laws and regulations and are consistent with safe-and-sound banking practices. Confidentiality and Security of Information: –Service Providers should ensure the security and confidentiality of both the financial institution's confidential information and the financial institution's customer information. –Information security measures for outsourced functions should be viewed as if the activity were being performed by the financial institution and afforded the same protections. –Service agreements should also address service provider use of financial institution information and its customer information.

20 Business Resumption and Contingency Plan of Service Provider o Agreements should address Service Provider responsibility for backing up information and maintaining disaster recovery and contingency plans. o Agreements may include a Service Provider's responsibility for testing of plans and providing testing results to financial institutions. o Oversight and Monitoring of Service Providers o Financial institutions should tailor and implement risk mitigation plans for higher risk service providers that may include processes such as additional reporting by the service provider or heightened monitoring by the financial institution. Business Continuity and Contingency Plans o Financial institution contingency plans should focus on critical services provided by Service Providers and consider alternative arrangements in the event that a Service Provider is unable to perform. o Ensure that a disaster recovery and business continuity plan exists with regard to the contracted services and products. o Assess the adequacy and effectiveness of a Service Provider's disaster recovery and business continuity plan and its alignment to their own plan. o Test the Service Provider's business continuity and contingency plans on a periodic basis to ensure adequacy and effectiveness.

21 Mission Statement –ALTA seeks to guide its membership on best practices to protect consumers, promote quality service, provide for ongoing employee training, and meet legal and market requirements. –These practices are designed to ensure a positive and compliant real estate settlement experience. –ALTA is publishing these best practices as a benchmark for the mortgage lending and real estate settlement industry.

22 1.Establish and maintain current license(s) as required to conduct the business of title insurance and settlement services. 2.Adopt and maintain appropriate written procedures and controls for Escrow Trust Accounts allowing for electronic verification of reconciliation. 3.Adopt and maintain a written privacy and information security program to protect Non-public Personal Information as required by local, state and federal law. 4.Adopt standard real estate settlement procedures and policies that ensure compliance with Federal and State Consumer Financial Laws as applicable. 5.Adopt and maintain written procedures related to title policy production, delivery, reporting and premium remittance. 6.Maintain appropriate professional liability insurance and fidelity coverage. 7.Adopt and maintain procedures for resolving consumer complaints.

23 Physical Security of NPPI –Restrict access to NPPI to authorized employees who have undergone background checks and credit reports at hiring –Prohibit or control the use of removable media –Use only secure delivery methods when transmitting NPPI Network Security of NPPI –Maintain and secure access to company information technology –Develop guidelines for the appropriate use of company information technology –Ensure secure collection and transmission of NPPI Disposal of NPPI –Both federal and state law, including the FTC Disposal Rule, require all NPPI to be disposed in a manner that protects against unauthorized access to or use of the information

24 Establish a Disaster Management/Recovery Plan Notification of Security Breaches to Customers and Law Enforcement –46 states have a data breach notification law; know the requirements particular to your state so that you are prepared in the event of a breach –Post your company’s privacy and information security program on your website or provide program information directly to customers in another useable form –When a breach is detected, your company should have a program to inform customers and law enforcement as required by law

25 Written privacy and security plan to protect non-public personal information (NPPI) as required by local, state and federal law –Physical Security –Network Security –Disposal of NPPI –Disaster Management –Employee Management & Training –Service Provider Oversight –Compliance through Audit and Oversight –Security Breach Incident Management

26  Written Plan  Trained Employees  Risk Assessment  Independent Testing of Key Controls  Acceptable Use Acknowledgements  Access Controls for NPPI  Network Access Controls w/Background Checks  Removable Media Controls  NPPI encryption in motion and at rest  Monitor, detect & respond to attacks  Physical controls to protect premises & NPPI  Change/Modification & Back-up controls  Privacy Disclosures  Records Retention & Destruction

27 Wells supports customer choice provided such third party providers “consistently meets all applicable requirements” Wells is expanding and enhancing third party oversight…in order to monitor and measure performance Prepare for “Top Performer” status Wells “supports” ALTA Best Practices, which should already be in place for “businesses providing title and closing services” Wells recognizes some may need “transition time” If not currently following ALTA Best Practices, do you have a plan in place for adoption? Can you document and demonstrate inspection processes to validate your adoption of ALTA’s Best Practices?

28 The Key Recommendation –“The most effective data security plans deal with four key elements: physical security, electronic security, employee training, and the security practices of contractors and service providers.” – Federal Trade Commission –Employee education and training is one of the “best practices to thwart a cyber attack.” – Symantec –Security training for all data users is the “best strategy for ensuring that a major threat to data security … is proactively addressed before more breaches occur.” – Privacy Technical Assistance Center

29 Practical Steps to Take :  Develop all required privacy and data security policies, procedures, and plans o Information Security Plan o Incident Response Plan o Disaster Recovery Plan o Secure Password Policy o Electronic Communications and Internet Use Policy  Assess your company’s risk profile  Educate and train your work force  Secure your work flows  Ensure compliance of all service providers  Implement a sound document destruction policy

30 A. Administrative B. Physical C. Network

31 1.Staff Training 2.Manual of Policies and Procedures 3.Privacy Notice 4.Shred-All Policy 5.Vendor Non-Disclosure Agreements (NDA’s) 6.Background checks on employees handling NPPI 7.Clean Desk, Office and Screen Policy 8.Authorized Devices

32 1.Staff Training –Training is an essential element of creating and maintaining a Privacy Smart culture and environment and is essential to regulators. –“The most effective data security plans deal with four key elements: physical security, electronic security, employee training, and the security practices of contractors and service providers.” (Federal Trade Commission, Protecting Personal Information: A Guide for Business) –An effective information security plan requires, “training employees to take basic steps to maintain the security, confidentiality, and integrity of customer information,” (April 2006: FTC, Complying with the Safeguards Rule) –The CFPB “Supervisory Highlights” Bulletin, states that companies “must provide for an effective training an compliance management program for all employees and service providers.” –39% of all data breaches are caused by employee or contractor negligence (Ponemon Institute, “2011 Cost of Data Breach Study”). –Beware of Malicious Insiders and former employees.

33 2.Manual of Policies and Procedures  ALTA, the CFPB and the FTC require clearly defined written policies and procedures to be in place.

34 3.Privacy Notice  FTC Privacy Rule States that financial institutions are required to provide “a clear and conspicuous notice” (i.e. a “Privacy Notice”) to customers and consumers that accurately states the Institution’s privacy policies and practices.  Client Initially and annually  Consumer Initially and at closing

35 4.Shred-All Policy –Have a Shred-All Policy for your office. This eliminates employee discretion and concern that a document with NPPI could be discarded improperly. –These should include, all paper and digital media (USB, disks, hard drives, etc.)

36 5.Vendor Non-Disclosure Agreements (NDAs) –Just as lenders are responsible for our actions, title and settlement 3 rd Party Service Providers are also responsible for our sub-vendors. –To protect your company, your third party vendors should be made to sign an NDA to demonstrate that they to comply with State and Federal privacy laws. –This can include, for example: IT consultants, search companies, storage facilities, accountant, etc.

37 6.Background Checks on Employees Handling NPPI –“Checking references or doing background checks before hiring employees who will have access to customer information.” (April 2006: FTC, Complying with the Safeguards Rule) –Be sure to comply with State and Federal Laws relating to how to use and handle any “adverse” information in these searches.

38 7.Clean Desk, Screen and Office Policy –All employees should keep files off of their desk except for the file they are currently working on so onlookers don’t see information they shouldn’t. –Staff’s desk should be cleared of all work and files at days end. –When stepping away or even when at their desk, staff shouldn’t keep unnecessary sensitive information up on their screen unless they are currently using said information. –Common areas that outside closers, etc. use should be “clean” as well.

39 8.Authorized Devices You need to keep track of what devices are connected to the office network. –This list needs to be kept up-to-date and old devices should be restricted immediately upon removal. –This includes smart phones, tablets, computers, etc. Companies need to also keep track of unauthorized devices. Letting staff know if they aren't allowed to use personal devices for work. –This also includes that work devices should only be used for official work use.

40 1.Entryway Security & Sign-in Log 2.Clean Desk Policy 3.Clean Office 4.Locked Filing Cabinets 5.Security Cameras 6.Privacy Screens 7.Locked Offices 8.Shredding of Paper and Digital Media 9.Locks on Computers

41 1.Password Protection 2.Computer Screen Timed Lockout 3.Using Various Brands of Firewalls (Defensive Depth) 4.Port Lockdown 5.Network Printers/Scanners 6.Restrictive Access to Programs, files etc. 7.Updates and Patches 8. Encryption

42

43 CEO and founder of Real Estate Data Shield and The Gulotta Law Group, Chris has represented institutional lenders in mortgage finance transactions for over 25 years. He has developed compliance management platforms and Data Security Compliance tools for mortgage lenders, title underwriters, independent title and settlement agents, notaries and attorneys. An international expert on information privacy law, Professor Schwartz assists corporations and law firms with regulatory, policy, and governance issues. As professor of law at UC Berkeley and Director of the Berkeley Center for Law and Technology, he has published widely on privacy and data security topics. A leading voice in consumer privacy and data protection challenges, Mr. Purcell is an award-winning developer of Web- based education and training courses. As Microsoft's original Privacy Officer, he designed and implemented one of the world's largest and most advanced privacy programs.

44 This webinar, supporting materials and the information contained therein does not constitute legal advice nor an attorney client relationship and is provided for information purposes only. Because laws, rules and regulations change frequently and because local laws may apply, you should consult an attorney for any specific compliance or related inquiries.

45 For Marketing & Sales Inquiry: Victoria Hatin Director of Marketing & Sales

46 Regulatory Requirements Lender Requirements ALTA Best Practices September 2014 ! Lenders Already Requiring Compliance Today’sEnvironment

47 Adopt and maintain appropriate written procedures and controls for Escrow Trust Accounts allowing for electronic verification of reconciliation. These controls help meet client and legal requirements for safeguarding client funds Adopt and maintain appropriate written procedures and controls for Escrow Trust Accounts allowing for electronic verification of reconciliation. These controls help meet client and legal requirements for safeguarding client funds.  Daily Reconciliation Requirement  Positive Pay  File Balance Documentation ALTA Best Practices Escrow Best Practices

48 EVS compare items through electronic means to ensure the validity of the item/ document being submitted for review or analysis. Does the underlying data held by the bank and accounting system support the reconciliation results? An electronic copy of a reconciliation statement is simply another form of paper that cannot be analyzed for accuracy ALTA Best Practices Electronic Verification Systems (EVS)

49 Daily 3-Way Reconciliation o #1 Defense Against Fraud o Match Bank Balances to Book Balances o 3rd way: Individual Settlement Files  Each Settlement File = Sub Escrow Account  Can’t take from Jones to pay for Smith o Businesses Banking Regs Different  “Online Posting - 24 hour rule”  Transaction Notification o #1 Defense Against Fraud o Match Bank Balances to Book Balances o 3rd way: Individual Settlement Files  Each Settlement File = Sub Escrow Account  Can’t take from Jones to pay for Smith o Businesses Banking Regs Different  “Online Posting - 24 hour rule”  Transaction Notification

50 Pre-Closing  File Balance  Check Endorsement  Good Funds v. Collected Funds  Deposit (In Transit = RESPA Violation)  Dealing with IRS Liens  Pacer Search – Patriot Search  FIRPTA Training & Records Written Procedures

51 Post Closing  Pacer Search  Ledger Card-File Balance-HUD  Check Payees  Check Signing & Wiring  Check Reissue  Stop Payment Training & Records Written Procedures

52 Settlement Software Controls  Permissions  Freeze Files  Logins  Industry Standard Software Training & Records Written Procedures

53 Unclaimed Property  Stale Dated Check Follow-up  Undisbursed funds  Escrow Agreements  Interpleading Funds  Escheatment Written Procedures Training & Records

54 o What are the 3-4 greatest risks from the outside? o What are the greatest risks from insiders? insiders? (Closers, Wi-Fi, computers, etc.)  (Closers, Wi-Fi, computers, etc.) o Verification and Validation  Expect what you Inspect!

55 o What are the 3-4 greatest risks from the outside? o What are the greatest risks from insiders? insiders? (Closers, Wi-Fi, computers, etc.)  (Closers, Wi-Fi, computers, etc.) o Verification and Validation  Expect what you Inspect!

56 Positive Pay o Defense Against Check Fraud Banking Software that matches: Banking Software that matches:  Check #  Check Date  Dollar amount o Defense Against Check Fraud Banking Software that matches: Banking Software that matches:  Check #  Check Date  Dollar amount

57 Positive Pay o Defense Against Check Fraud Banking Software that matches: Banking Software that matches:  Check #  Check Date  Dollar amount  Payee o Defense Against Check Fraud Banking Software that matches: Banking Software that matches:  Check #  Check Date  Dollar amount  Payee

58 Follow the Money Follow-up after 3-4 days for: Payoffs & Recordings Payoffs & Recordings Follow-up after 10 days for: Government entities (taxes) Service providers (hazard and flood). Follow up after 30 days for: Disbursements greater than $1000. Follow up after 45 days for all other disbursements.

59 Disburse Collected Funds o Good Funds ≠ Collected Funds  Good Funds – Settlement Definition Only  Banking Regulation CC  Available Funds or Collected Funds  Expedited Funds Availability Act 1987  Collected Funds Irrevocably Credited  Statute Definition v. Bank Definition  Underwriter Guidelines o Limit Good Funds  Illinois and North Dakota $50,000  Indiana and Utah $10,000  Your State ??? Settlement Funding Legislation Needed

60 Escrow Security o Industry Software o Administrative Controls  Ability to Limit Functions  Freeze Files  Written Procedures o Segregation of Duties o Daily Reconciliation o Strong Passwords o Dual Authentication

61 Cyber Security o Secure Service o Biometric Access Device o Strong Passwords  Master Passwords o Internet Controls o Firewalls o Browser’s o Training, Training, Training

62 CYBER ALERT - A New Variant Zeus Botnet and Zero Access Rootkit o Attack on Settlement Software  No Administrative Controls  Created Files  Transferred Funds  Posted Checks o Daily Reconciliation Prevented  Escrow Analysis  Careful Review  Potential Loss ~$2,000,000

63 CYBER ALERT - A New Variant Zeus Botnet and Zero Access Rootkit o NPPI Aspects  >10,000 Settlement Files  SSN’s  Bank Account Numbers  Investment Account Info  Credit Card Numbers o FTC Reporting Requirements?

64 Online Banking Requirements NACHA & FBI Guidelines  Dedicated Stand Alone Computer  Banking Only Use  No Java – No Adobe – No Flash  Malware Protection  Automatic Updates  Strong Authentication  Dual Controls Compromised

65 Control Web Access Browser Selection Browser Selection  Avoid Internet Explorer (Personal Choice)  Speed - Security - Functionality  Active X for Closing Packages  Eliminate Advertising (Adblockplus.org)  Keep Plugins up to date o Java-Flash Player-Adobe Reader Firewalls & Routers Firewalls & Routers Lockdown Computer Internet Access Lockdown Computer Internet Access

66 Secure o Encrypted  Protects NPPI  Sarbanes-Oxley Requirement  Lender Requirement  “Best Practices  “Best Practices” o Easy Affordable First Step

67 Who else is reading your ? These pictures were taken in 1975, and kept in a folder in my attic for 38 years. In April 2013, I scanned the pictures and ed them to a friend in Florida They were “on the web 5 days later ”! Latest Scam – “Revised wire instructions”

68 Nothing to be Learned There is nothing to be learned from the second kick of the mule!

69 Document Security: Secure delivery of Non-Public Personal Information (NPPI)

70 About DataMotion Founded in 1999 Headquarters – Florham Park, NJ Industries served Healthcare, Insurance, Financial Services, Legal Services, State/Local Government, Manufacturing Software and Service Solutions: Secure , File Transfers, Workflows Patented Solutions Healthcare Direct Secure Messaging Multiple deployment options: Cloud, On-premise, and Hybrid Over 5 million users

71 ALTA Best Practices Pillar #3 specifies the use of “secure delivery methods when transmitting Non-Public Personal Information.” Non-Public Personal Information social security number driver’s license number credit card number other financial account number Secure Electronic Delivery Solutions Selective Encryption Automatic Encryption

72 Unencrypted Content is Visible! Travels the open internet on its way to the recipient inbox Many server to server ‘hops’ along route Content is viewable and can be stolen - without your knowledge Like sending private information on a postcard Your Client’s Wire Transfer Information Here?!?

73 Headline: Thieves Steal Money Through Fraud Scheme Title Agents be Alert! Hackers are targeting consumers and stealing earnest money for upcoming transactions…….. In this scheme, the fraudsters intercept s from title agencies providing wire transfer information for borrowers to transmit earnest money for an upcoming transaction. Source: https://www.alta.org/advocacy/news.cfm?newsID=24582

74 Selective Encryption from Desktop and Mobile Little to no end-user training Intuitive “Send Secure” Outlook button Patented auto-provisioning of recipient inboxes Detailed reporting for auditing purposes Secure Data Exchange Minimize exposure to regulatory violations, litigation and penalties Cut costs of faxes, printing, postage, and courier services $

75 Automatic, Policy-Based & File Encryption Monitor & filter all in/outbound Increases compliance & reduces risk Scans 300+ attachment file types Pre-defined compliance rule sets Minimize exposure to regulatory violations, litigation and penalties Prevent data loss $ Secure Data Exchange Server

76 Universal Access to Secur From Mobile Devices Mobile-optimized web portal No app required Bring Your Own Device (BYOD) support Native mobile integration through POP3/SMTP settings Secure mobile access Ease of use Peace of mind

77 ALTA Best Practice #3. Done EZ! DataMotion Secur delivers! Exceptional ease of use for senders and recipients Encryption that works within your existing Outlook, Office 365, Google Apps Fully optimized mobile experience no app required Reduced costs lower overnight delivery, fax, and printing charges Reduced need for IT support “I was very surprised with the ease of the install and then the simplicity of using the product. I was able to demonstrate the process of secure ing to everyone in the office within minutes and had no problems. Thank you again for making it simple.” Glendal E. McMullin, President, Independence County Abstract Company, Inc. Professional Title and Abstract services in the Independence County / Batesville area for over 40 years. “I was very surprised with the ease of the install and then the simplicity of using the product. I was able to demonstrate the process of secure ing to everyone in the office within minutes and had no problems. Thank you again for making it simple.” Glendal E. McMullin, President, Independence County Abstract Company, Inc. Professional Title and Abstract services in the Independence County / Batesville area for over 40 years.

78 “Can you afford Not to start now?” The tables below illustrate approximate pricing Check with your Title Insurance Underwriter to see if you are eligible for eligible for any promotional or preferred pricing opportunities. Real Estate Data Shield pricing based on number of employees/ licensees DataMotion pricing is an annual subscription based upon the number of employees/ licenses CALL FOR A CUSTOMIZED PROPOSALBASED UN YOUR ACTUAL NEEDS Note: There is a $75 minimum cost per month per agent


Download ppt "Welcome to BP Boot Camp!. Christopher J. Gulotta, Esq. Founder & CEO Real Estate Data Shield, Inc. 271 Madison Avenue Suite 700 New York, NY 10016 212-951-7302."

Similar presentations


Ads by Google