Information Security: What Others are Using in 2009

"Spreading the Word"
Name: Peter Simonsen, e-PRO®
Company: Keller Williams Realty, Austin, Texas

Products: LoJack, Linksys

“Do you realize how much sensitive data we carry on our computers?” asks Simonsen. “We have an intimate financial picture of our clients—the kind of information hackers would just love to get their hands on.”

By posing that question, he hopes to raise awareness which will eventually prompt the Texas Association of REALTORS® and NAR to set minimum standards on how real estate professionals should handle and protect client data.

He’s activated multiple lines of defense: user authentication and automatic file encryption on his Vista-powered computer and Linksys Wi-Fi router; firewalls on both; LoJack recovery software on his notebook; and redundant back-up of data, on external hard drives and a remote server. In the field, he avoids hot spots, and will only connect to the Web with his own, secure wireless cellular air card.

“If a client’s data is ever stolen or compromised, and you can prove you deployed best practices to protect their information, your liability goes away,” he says.

"Back-ups and More"
Name: Jason Goodman
Company: Strategy 1 Realty, Apex, N.C.
Products: Comodo, WinPatrol, Mozy.com

Sales associate Jason Goodman knows firsthand the risks of data breach. One morning he dismissed a withdrawal of a few pennies from an online bank account as an administrative error. Hours later, he received an e-mail affirming a password changed he hadn’t made. Then, he just happened to be in his home office when his computer came to life, someone controlling his mouse remotely, trying to retrieve sensitive files and data.

“All it takes is one bad person to create all kinds of trouble,” he notes. He limits client info stored on his notebook “to mainly contact records, the kind of information already publicly available.”

Additional protective measures include activating file encryption in Microsoft XP, running free security software Comodo and WinPatrol , and backing up his data to local external drives and the Web-based service Mozy.com.

“Eventually, every hard drive will fail, so regular back-ups are crucial,” he says. As for free software, he advises only downloading from known and trusted sites. “You have to stick with sites like CNET, or you don’t know what you might be getting.”

"Securely Sent"
Name: Jesse Clifton
Company: Jesse Clifton & Associates, Fairbanks, Alaska
Product: ASUS, MessageGuard

Personnel at Jesse Clifton & Associates carry ASUS laptops with built-in fingerprint scanners. Biometric authentication is also required for access to the resources stored on the office’s network servers.

Clifton also has a solution in place to ensure sensitive client information is never transmitted by e-mail. MessageGuard, provided by his site host Network Solutions, integrates with Outlook. When finished composing e-mail, he clicks a “send secure” button and the message is encrypted and routed to a secure server. The intended recipient receives an e-mail invitation to click a link to retrieve the message, with a previously assigned user name and password.

“It’s our responsibility to protect our clients, and that includes their personal information,” Clifton explains. “But most never think in terms of the worst-case scenario. If a client becomes a victim of identity theft, and it comes back to something you didn’t do to protect their information, your liability could be exponential.”