Are you unethical? Have you witnessed unethical behavior in a real estate transaction – either from the lender, realtor, seller or buyer? Almost nobody answers “yes” to the former, while nearly everyone agrees to the later. In reality, everyone in the title business can be more ethical. However, first you must define ethics in general, understand different types of ethics and learn what tools are available to help you work through ethical problems that arise.
Ethics describe the rules, laws and principles that govern human behavior. There are three different types of ethics: personal, business and legal. These are hierarchal. Legal ethics, for instance, are lowest. The law is universal and immutable; you have no choice but to obey it. Business ethics takes it higher. You have some agency over adhering to a business’s policies or codes of conduct. Personal ethics is the highest form, as they are based solely on the rules that individuals create for themselves.
Title agents must think through these ethical systems and navigate potential conflicts. Perhaps there is a discrepancy on the price of a property where it is listed for a higher price than it was in a recent appraisal. As an agent, would you inform the buyer of this additional information? Many professionals would say that, from a business ethics perspective, a title officer should say nothing. The title officer is a neutral third party, and a price discrepancy should be resolved between the buyer and seller. The listing price differing from the appraisal price is also something that occasionally happens. But what if the buyer is a good friend?
Or consider a theoretical agent who is two closings short of winning an award. Their manager says they will give them two phantom closings and then later delete them from the system. How would you respond? Would you report the maleficence? Take the closings and benefit professionally? Refuse the help on principle?
Both situations require an agent to navigate and balance the different ethical systems that define their life. There are strategies to help with this. In the former, you could receive counsel from an objective third party. An impartial person can help separate personal allegiance to a friend from a professional code of conduct. In the later, the agent can employ critical thinking to determine that, while it is likely unnecessary to report their manager, particularly if this is a rare ethical lapse on their part, they cannot, in good conscience, accept the phantom closings.
Agents can also filter ethical problems through different “tests” to help them decide on a correct course of action. In keeping with the hierarchy of ethics, the most critical test to apply is the “harm test.” Ask yourself if your actions will harm anyone else and violate your personal ethics. The harm test is always applicable and should follow other tests. For example, an agent should put relevant ethical dilemmas through the “law test” followed by a “business ethics test.”
The harm test is the final step. Just because something is technically legal, and just because it does not violate any business ethics, does not mean an agent should do it. If it fails the harm test and violates your personal ethics, you must change course. Agents can gain even greater ethical clarity by using the “newspaper test,” which asks whether you would want to read about yourself taking a specific action in a newspaper, and the “child test,” which ponders whether you would advise your child to take the action you’re considering.
Complex ethical problems occur in real estate transactions. In these moments, it’s important to remember that short-term benefits rarely outweigh long-term costs. It takes a substantial amount of time to establish a trustworthy or honorable reputation, but you can quickly lose it through one unethical decision. As somebody in the title business, you must always be seen as an ethical paragon, as your reputation is critical to being able to perform your job effectively. To meet this high bar, you can apply appropriate scrutiny to ethical questions, utilize critical thinking, and rely on impartial support systems for guidance. By doing so, you will experience long-term professional success and, perhaps most importantly, a blissfully clean conscience.
Your home can still be your castle – even in the digital age
Home cybersecurity used to be fairly straightforward, but these days the situation has changed. With the internet playing an increasingly dominant role in how we live and work, you should take a moment to examine whether your personal Wi-Fi network is truly secure. Here are a few easy tips and tricks for how you can best protect yourself and your home in the digital age.
Your wireless network
Consisting of a modem and a router, wireless network devices are responsible for bringing the internet into your home and directing it to all your internet-compatible devices.
You need to change the default administrative password within the router to establish control over the configuration of your home system. Be sure to use a password that is difficult to guess. Try using a random series of words that are easy for you to remember. Employ numbers if possible and capital letters for extra security. At the end of the day, you want to protect yourself by making sure that only devices you know and trust have access to your Wi-Fi network.
For extra security and peace of mind, you can even consider installing a guest network. That way, you can let visitors connect their devices but avoid opening yourself up to potential security problems.
To have confidence in your cyber security, you will want to take a hard look at the strength of all your passwords – from your wireless network to the passwords you use for each device and application.
You should try to use a different password for each device and account. This can be a daunting prospect, as it is now common to have dozens of accounts that require a password. Use a password manager tool if you are having difficulties. There are a variety of different services out there, and you can easily compare features and prices online.
Finally, don’t forget about enabling two-step verification wherever possible. Two-step verification is where two authentication steps are performed sequentially to verify whether an attempted login is legitimate. Often, this process involves a login through an online account and then the entry of a numerical code that is either emailed or texted to the account holder.
It’s wise to become familiar with all of the devices you foresee needing to connect to your wireless network. While in the past this largely consisted of a couple of personal computers, it now could include everything from smartphones and television sets to printers, refrigerators and cars. Educate yourself not only on each device’s make and model, but also its IP address. You’ll also want to save yourself some headaches by enabling each device to download and install automatic security updates.
Unfortunately, no matter how cautious you are, you may still have a security lapse someday. You should have a contingency plan in place and regularly archive your important files and programs.
There are many different strategies you can take to make this easier. You can store your data on the Cloud with end-to-end encryption. You could save it to an external hard drive. Or you could even go the untraditional route of burning your data to a CD. Whatever you decide, you will want to make sure that you can reliably restore your data following a security breach. The good news is that many mobile devices already support automatic data backups, and there are numerous software options out there that are cost effective and relatively easy to use.
Final Thoughts Creating a cyber-secure home network can feel like a challenge. But the benefits of doing so far outweigh the costs. By adhering to these steps, you will be able to create an online experience that is fun and efficient but that does not skimp on security.
As technology advances, so does the deception
The pandemic has amplified the number of scams and email attacks on individuals, companies and organizations. People are already in vulnerable places emotionally, socially, physically and mentally; Covid has only intensified fright and flight instincts. We are constantly interrupted by additional stressors.
What might have easily caught your attention on an invoice, bill or receipt, can now slip by when the mind is overwhelmed with the stress of daily life. The way people receive goods, bills, invoices and confirmations has changed during the pandemic.
Be proactive and take one worry off the list by preparing yourself and educating your clients, friends and family about current email scams. Here are four ways to identify obvious scams when shopping for company or personal resources.
When opening an email, especially one that is unexpected make sure to check the sender address. This can be the first and last stop when identifying a scam. Do you order from Amazon or Office Depot often for your business? Typically, large companies have a very streamlined and identifiable confirmation process. It might have a logo, a reprint of your order, package tracking information, etc.
Most companies have emails such as a “confirmation@” or “receipt@”, and then the company. If your typical confirmation is now coming from a different sender or source, this is a red flag. Most purchases are automated; therefore, an email about a package and confirmation that is not expected or sent at strange times is also a red flag.
The schoolteachers’ philosophy holds true: If it isn’t written correctly, it’s not correct. Many scams originate from outside of the United States and come from people who have never spoken English, or who might have only slight knowledge of English grammar and mechanics. This lack of familiarity with the language or even cultural communication can be extremely evident from the outset of the email. Unusual forms of personal address or improper labels are a signal of deceit.
Legitimate order confirmation emails should be free of spelling and punctuation errors, or words swapped for one another such as “their” and “there.” If you find such an error, take it as a signal that this email is likely a scam.
Many people are already well versed on email scams that direct you to a link. Most know not to click the link. Use this same strategy when reviewing your confirmation and order. You are usually able to scan over the item or photo and it should direct you back to the home site, whether you were shopping on Home Depot, Office Depot or Amazon. If it directs you to another site, and you can confirm this by hovering your mouse over the link, then it’s a scam. Contact your original purchaser immediately.
Most online retailers have the shopping, shipping and receipt process dialed in. Communications are auto-formatted and the email confirmation arrives in a clear, itemized order. Often items – the exact photo of the item and its link – can be found on an email confirmation.
Order receipts or requests for further action that are formatted in a strange manner should raise your suspicion. Are they asking you for additional shipping payments? Did they add your taxes incorrectly and are trying to collect? Do not fall victim to these scams. Your receipt of purchase should be clean, neat and easy to read and reference. If something is strange, then this is an identifier of a scam. In the end, trust your instincts. If something looks off, it likely is. Don’t be afraid to back out of an email or a link that feels like it might be fake. You know when something looks and behaves unlike the norm. Trust that and help yourself and your business stay safe.
It’s one less stressor!
The more we use mobile technology, the more passwords we accrue. It’s not unusual for an individual to have more than 20 different sites — bank, social media, Netflix, home security — that she routinely enters. Add to this borage of passwords the lack of cohesiveness between websites. One password might require lower and upper case and numbers and punctuation, and another asks for your childhood street address.
How does one simplify the technology puzzle and avoid getting overwhelmed by too many passwords? Here are five steps to follow to keep the letters, numbers and punctuation that make up your internet profile easier to recall and more secure.
Step 1: Use passphrases instead of passwords
Many experts suggest length is key to preventing a hack. The longer the password, the better, even upwards of 20 characters. Use a phrase that is easy to remember such as a favorite cheer for a sports team or something that is second nature in response to you. Some examples might be I-need-my-coffee-at-8AM! or GoBadgerBasketball1984.
Step 2: Use a password manager
How many of you have snapped a photo of your passwords or a photo of a driver’s license to remember information. What happens when your cell phone is gone? Can you access this information? There are hundreds of password managers that can be utilized both via desktop or laptop and smart phone. Although the inputting passwords up front might take time, it’s the sense of organization that is the reward. It’s best not to use the same password for every site. It’s also nearly impossible to remember a different password for each site.
A password manager allows you to use one code to access all of your other codes. This helps secure credential storage as well. The manager can assist in synchronization across multiple devices.
Step 3: Use Two-Step Verification
This is also known as two-factor or multi-factor authentication. This means that a password and a secondary smartphone code are required for access. This might be something such as a finger print, face identification or other tech-savvy options. These are much more secure and nearly un-hackable. Individuals should enable this security whenever possible, especially for financial, email, and other secure and/or private accounts. This can also be enabled with a password manager.
Step 4: Do Your Research
Stay up-to-speed on current online hacks and breeches of data that have occurred. A good resource is https://haveibeenpwned.com to see if any of your online accounts have been compromised. This could be a healthy routine to visit the site once a month to check in on all online accounts and data that you want kept private.
Another easy safety device is to set up alerts on your phone or through Google, Yahoo, etc., that alert you to current scams or if any of your information has been violated. There are thousands of security breaches daily, and don’t panic if you are contacted; it does not mean your information has been compromised. Do your due diligence and determine if you need to go to your password manager to update information.
This information might seem overwhelming; however, being knowledgeable and proactive about passwords and data is crucial to a healthy cyber profile. Technology is constantly advancing. Use these nuances to your advantage. Streamline passwords and stay tech-intelligent.
Best practices to help keep your remote environment secure
While working remotely at home provides flexibility and social distancing in this time of COVID-19, it may also open the door to unexpected and unwanted security issues and breaches. By taking a few simple and important steps, you can securely work and have peace of mind that your business is continuing to operate without introducing added risks.
Risks that present themselves range from nuisances and disruption, such as with “Zoombombing” [a disruptive intrusion by hackers into a video conference call], to device and network compromise with viruses, spyware or ransomware.
Here are some best practices to keep your remote environment secured:
When using Zoom or other remote meeting sites that provide audio and video connectivity, be sure that the security settings are activated to only allow screen sharing by the host, or designated others who have a need. Also be sure to use access passwords or codes available only to the invited participants that are provided in the invite prior to the meeting.
Equipment, Software and Hardware
Often the organization does not provide all equipment or supplies necessary to ensure remote access. The proper protection of information to which the user has access involves connection to the Internet, local office security, and the protection of physical information assets. Below are some of the additional items that may be required:
- Broadband connection;
- Paper shredder;
- Secured office space or work area; and
- A lockable file cabinet to secure documents when unattended.
Remote users using personal equipment are often responsible for:
- access to the internet;
- the purchase, setup, maintenance or support of any equipment or devices not owned by the company; and
- ensuring current and active antivirus, firewall and malware protection is installed, functioning and updated regularly.
Security and Privacy
Organizations often have policies regarding user logical security responsibilities. Here are a few such responsibilities, which should translate to the work-from-home environment:
- Log off and disconnect from the company’s network when access is no longer required, at least daily;
- Enable automatic screen lock (if available) after a reasonable period of inactivity;
- Do not provide (share) their user name or password, configure their remote access device to “remember me,” or automatically enter their username and password;
- Enable a firewall at all times;
- Ensure virus protection is active and current; and
- Perform regular backups of critical information using a secure storage solution.
Additionally, companies often implement additional logical security procedures for remote users. These may include:
- Disconnect remote user sessions after 60 minutes of inactivity;
- Access to company owned technology applications to use commercially available encryption technologies, such as multi-factor authentication, or use of a Virtual Private Network (VPN);
- Update the virus pattern on a regular and frequent basis;
- Provide a reasonable backup solution; and
- Perform regular audits of the company supplied equipment to ensure license and configuration compliance.
Company policies regarding physical security should also carry over into the remote-office. Here are some steps to consider:
- Maintain reasonable physical security of your remote office environment. This includes access to both company and personal technology equipment and documents;
- Limit the use or printing of paper documents that contain sensitive, confidential or non-public private information (NPI), and restrict requests for and handling of NPI to only what is essential to perform your job; and
- Ensure documents containing sensitive, confidential or NPI are shredded and rendered unreadable and unable to be reconstructed.
It is entirely possible to work remotely. A home office can be made secure by adhering to the steps above. Bear in mind that working at a hotel or a cabin or anywhere internet service allows for access presents security issues that may compromise privacy.
For further information, reach out to Tom Weyant, Director, Risk Management & Continuous Improvement, CQA, CFE, directly at email@example.com or visit www.alliantnational.com/newsroom for additional information and articles related to cyber security and internet privacy.