PCI Works
Menu About US       Menu Contact Us       Menu Pricing       Menu My Account
Products
PCI Compliance
TrustKeeper
TrustKeeper SSL Plus (PCI + SSL)
TrustKeeper SSL Plus (PCI + SSL) with EV - coming soon
SSL Certificates
Premium Extended Validation SSL
Premium SSL
Premium Wildcard SSL
Premium Enterprise SSL
Domain Validated SSL
Signing Certificates
Code Signing Certificates
Secure Email Digital IDs
Mortgage industry considers IT security
The mortgage industry is a site of data danger and notable IT security needs.
The mortgage industry is a site of data danger and notable IT security needs.

Keeping data and computer systems secure is important in every type of industry. It has a special importance in sectors dealing directly with finance, however, as data breaches can lead directly to fraud. Those worries have led to a push for more IT security and employee awareness in the mortgage sector, according to Mortgage Finance Gazette contributor Paul Brooks. He noted that the U.K.'s Fraud Management Authority has frequent trouble detecting illicit activity in the mortgage industry, further incentivizing good practices by individual firms.

Risk versus preparation

Brooks noted that international standards are a good place to start for security compliance efforts. He explained that the Information Security Management Systems guidelines have little traction with U.K. mortgage dealers but that adoption is on the rise, with his large employer achieving certification recently. The requirements involve both best practices in data handling and thorough recovery strategies.

According to Brooks, data security can go well beyond the actual digital systems containing data. He explained that companies should also focus on making sure workers know the procedures necessary to keep information safe. He also advocated for security systems that can keep facilities and property safe. Utilizing advanced penetration testing services can determine a firm's overall data loss readiness.

Standards and guidelines

Depending on the company and industry, there are a variety of standards and restrictions that can guide security decisions. One of the most prominent is the PCI standard for payment data. PCI compliance is mandatory for firms dealing with customer credit card numbers. TechTarget contributor Mark Chapple recently suggested that firms should treat certain parts of the code as baseline and go beyond them to make systems even stronger. Rather than either using app firewalls or performing vulnerability tests, he suggested doing both.

<< back to listing
SSL Certificates
Premium EV SSL
Premium SSL
Premium Wildcard SSL
Premium Enterprise SSL
Domain Validated SSL
SAN SSL 5 Domain
SAN SSL 20 Domain
TrustKeeper SSL Plus with SSL
TrustKeeper SSL Plus with EV
Signing Products
Code Signing
Secure Email Digital IDs

PCI Compliance
TrustKeeper
TrustKeeper with SSL
TrustKeeper with EV
My Account
Log in
Create Account

Resources
Support

© Copyright 2011 PCI Works. All Rights Reserved. HOME | PRODUCTS | CONTACT US | ONLINE CHAT | PRIVACY POLICY | SITE MAP