Mortgage companies lack security
-
@dafyre said:
The moment my mortgage company asks for that, is the moment I start looking for a new one.
Mine required it over email, fax, or a certified mail. I have no idea why they didn't setup a secure file sharing system and when I complained they told me that all their other customers are doing it so to set it up for one customer wouldn't be cost effective.... They gave me an amazing rate so I guess it was worth the risk?
-
@scottalanmiller said:
@dafyre said:
The moment my mortgage company asks for that, is the moment I start looking for a new one.
When you find one that doesn't do that, let me know.
Yeah it is pretty common.
-
Sadly, it seems that financial and medical, the 2 industries that should have the most security, seem to be the worst offenders when it comes to being behind the times. Drives me nuts, but that's just how it is for some reason. Maybe because they are so pivotal that they can screw the customer base over in any way possible and see little to no monetary repercussion from it, cause we all need it.
-
I wonder if outside of the US either of these things is true.
-
I previously worked for a credit union, and all of our financial documents were exchanged securely using what is now Citrix Sharefile. Whenever mortgage documents were needed we would have clients create temporary credentials and email them a link to securely upload their documents.
Before Sharefile, I believe they had an SFTP server in place and/or did everything over fax (sigh...).
Not all mortgage places do it wrong, just those that don't care about security and have yet to suffer because of their negligence.
-
@RamblingBiped said:
I previously worked for a credit union, and all of our financial documents were exchanged securely using what is now Citrix Sharefile. Whenever mortgage documents were needed we would have clients create temporary credentials and email them a link to securely upload their documents.
Before Sharefile, I believe they had an SFTP server in place and/or did everything over fax (sigh...).
Not all mortgage places do it wrong, just those that don't care about security and have yet to suffer because of their negligence.
I've discovered that credit unions in our area are the most likely to do the right thing. When I was shopping for a mortgage our local credit unions both used Sharefile to move documents back and forth.
-
I'm sure the level of caring about doing things right is inversely proportionate to the size of the institution doing things.
-
@art_of_shred said:
I'm sure the level of caring about doing things right is inversely proportionate to the size of the institution doing things.
I would guess it has more to do with how much the government insulated institutions from accountability. In Europe banks are terrified of breaches because the government holds them accountable for exposing customer data. In the US they are shielded from this so have no accountability.
-
@scottalanmiller said:
@art_of_shred said:
I'm sure the level of caring about doing things right is inversely proportionate to the size of the institution doing things.
I would guess it has more to do with how much the government insulated institutions from accountability. In Europe banks are terrified of breaches because the government holds them accountable for exposing customer data. In the US they are shielded from this so have no accountability.
Yeah, I guess that can happen when politicians are puppets of the corporations. The whole money & power revolving door.
-
@coliver said:
@dafyre said:
The moment my mortgage company asks for that, is the moment I start looking for a new one.
Mine required it over email, fax, or a certified mail. I have no idea why they didn't setup a secure file sharing system and when I complained they told me that all their other customers are doing it so to set it up for one customer wouldn't be cost effective.... They gave me an amazing rate so I guess it was worth the risk?
I asked for a secure document upload portal as well. They said they've been doing this for years and "their network is very secure" and have never had an issue.
-
According to Scott, this is safer than faxing that same information.
-
@Dashrender said:
According to Scott, this is safer than faxing that same information.
Only in the fact that you can snoop on any PSTN line easily. Heck we have other companies lines inside of our building even a medical companies fax line, because they brought the whole trunk through our building into a Network Interface Panel with Hundreds of lines.
-
So my question.. Is there a free PDF printer to make a pdf with a password and does my onedrive with office 365 have a good way to share with other people as a one time link or something?
-
@dafyre said:
You should publicly take them to task for that on Facebook. Arguably, a non-redacted version of your post may be beneficial.
Edit: Oh, you deleted it.
Yeah lol. They removed/disabled reviews on their facebook page.
-
What about temporarily setting up your own SFTP server and giving them access to it?
-
@Jason said:
So my question.. Is there a free PDF printer to make a pdf with a password and does my onedrive with office 365 have a good way to share with other people as a one time link or something?
Something like CutePDFwriter?
-
@RamblingBiped said:
What about temporarily setting up your own SFTP server and giving them access to it?
I hope you're kidding. The chances that the banker will have any clue how to download something from FTP unless a browser will connect to it are near zero.
-
SSL encrypted OwnCloud link with a password?
-
@coliver said:
HTTPS encrypted OwnCloud link with a password?
Would be nice. I just used onedrive to share it. Whatever. My info has been stolen three times at this point not sure how much it matters anyway when no one cares on the back end at any of these places.
-
@Dashrender Meh... I've already got handholding documentation for SFTP. If they can't download Filezilla and configure it exactly as my screenshot shows I might reconsider giving them thousands upon thousands of dollars of my hard earned money. In most cases you can just forward the information to their IT department and let them do the handholding.