The security of emailed information is on everyone’s mind these days. Hardly a day goes by without another story hitting the news of a major company, government agency or political party being the target of email hackers. One major internet company with more than 500 million email accounts was recently victimized. Opportunities for email hacking abound because of the ubiquitous use of email—everything from viewing bills, account access, and apps on smart phones. In the commercial mortgage banking industry, email has been used constantly to send loan documents, W-9 taxpayer identification forms, financial statements, and other sensitive business and personal information. At NorthMarq Capital, that era is ending fast.
We are taking significant steps to protect our customers’ sensitive information. In a related article, NorthMarq IT Director Eric Carter discusses our new information security protocol and its rollout. As part of those new information security measures, NorthMarq is implementing an encryption tool from Citrix called ShareFile, a tool we will soon require all of our employees to use when sending or receiving sensitive information.
ShareFile is neither Dropbox nor a cloud application. Rather, it is a website and file storage program that runs on NorthMarq’s own secure server and affords our customers temporary access to files. Users need to use an email address and password to download files.
Using ShareFile
When you receive an email that utilizes ShareFile to transfer documents, you will see a link or button to download. Once you click on the link/download button you will be brought to our ShareFile website and prompted to log in using your email address and password. If you forget your password, easy-to-follow instructions will get it unlocked. Files will be available for you to view for 30 days and then will be deleted. When operating within Outlook, a simple click on the ShareFile icon allows our employee to encrypt files to be sent.
How will NorthMarq ensure that our employees use ShareFile to send sensitive information? We are concurrently rolling out another software tool called Data Loss Prevention (DLP) that continuously scans employees’ computers for proposed sending of sensitive information that is not encrypted before it is sent. If the DLP program detects this kind of non-secure transmission, it will halt the transmission and question the employee as to whether the employee is sure that the sensitive information should be sent in a non-secure transmission. If the employee answers “yes,” NorthMarq’s IT unit will receive a log of each situation which will then be routed to the employee’s supervisor for review. This protocol represents just the beginning of further security measures to come.
We appreciate your cooperation and partnership in making security a top priority. Change is not easy, but we hope that ShareFile will be easy for you to use. If you have any feedback on how we can make this experience better, please email me at lpierce@nmmf.com.
