IT security is in the headlines more and more often in 2024 – whether it’s breaches or best practices, it’s top of mind for everyone in the default servicing world.

We recently participated in a network security panel as part of a USFN webinar, and we summarized the input from our Infrastructure Manager, Nate Braun, in our latest blog article.

Read the article here, and learn how IT professionals are working to mitigate risk for companies around the world.

NetDirector can provide a highly secure integration solution for your firm that matches the level of effort you’re already putting into your case management and other internal systems. Reach out to us at the info below to learn more!

Looking to get more time-saving functionality out of your TEMPO integration?

NetDirector can now send messages to TEMPO, and we’ve expanded the functionality of TEMPO comments using the existing Message transaction. Now, even with minimal information, comments can be included in existing messages – current customers can reference the Message Documentation for more information on how to link TEMPO comments.

Special thanks to everyone at Orlans PC for helping to test this newest functionality, and much more. We’re always grateful for our clients who are dedicated to expanding their automation footprint beyond just the “bread and butter” integration functionality.

Curious to learn more, or want to set up TEMPO messages and comments? Reach out to your integration analyst today, or contact our account manager at the information below to get started!

With recent attention on the 410a and its importance in the default servicing legal process, we’re focused on ensuring firms have all the right tools to avoid the biggest pitfalls.

If your 410a isn’t completed in a timely and accurate fashion, a number of negative outcomes can occur including:

• Fines/punitive costs for incomplete/missing documentation
• Preclusion of presenting information in contested/adversary proceeding
• Missed deadlines that start a domino-effect

Our A.I. Extract suite offers functionality around Loan Payment History extraction for 410a Worksheets, and is available with or without fully integrated extraction.

Contact us at the link below to schedule a demo of our A.I. Extract and see the 410a functionality in action, or visit our website to learn more!

We’ve got a pretty good idea what’s on everyone’s “to-do list” for 2024 – more efficiency, less waste, lower costs and higher profits. NetDirector can help your organization attack that list and make your 2024 goals a reality.

Quick-hit priorities for maximum performance in 2024:

1. Review your current transaction mix to ensure your organization is lean and mean (automated standard event options are a good example to easily reduce cost and associated labor)
   
2. Explore easily implemented, low-risk alternatives for redactions, legal description extraction, 410a preparation, etc. like our A.I. Extract service
   
3. Streamline your document uploads & downloads to eliminate wasted time and money

Let us help you strategize your business process automation and contact us today!

This article was originally published as part of the USFN Newsletter, as a follow-up to our participation in their Digital Security webinar.

Mitigating Risk by Segmenting and Separating Data – Network Security Architecture Explained

The default servicing market is changing constantly – we’re here to help your firm leverage technology to manage those changes, even when it comes to mergers and acquisitions!

Our transfer referral functionality allows you to use automation to ensure a seamless crossover to get the data and files you need into your case management system with minimal effort on your part.

For Black Knight V3:

1. First, take in file transfer referrals from the servicers. See our data dictionary for a list of process types.
2. Submit the Open Referral Request transaction to get all the referral data to transfer to your system (this is useful when the servicer transfers the referral from one attorney to another)
3. Use the Document Request transaction to get the docs you need automatically forwarded to your system
4. Once you have the necessary data and RID, you can easily complete steps/ddf’s and upload documents via integration!

For TEMPO

We’ll ask them to reflag any referrals for the past 30 days (loan number and date of referral required). You may also utilize the Document Request transaction to retrieve needed documents.

This article was originally published as part of the USFN Newsletter, as a follow-up to our participation in their Digital Security webinar.

Mitigating Risk by Segmenting and Separating Data – Network Security Architecture Explained

With the latest generation of phishing and social engineering assisted by the newest AI technologies, information security is more important than ever for small businesses. According to the “Acronis Cyberthreats Report, H2 2023” AI-enhanced phishing attacks affected over 90% of organizations surveyed and resulted in a 222% increase in email attacks in 2023 when compared to the same time period in 2022.

This risk is especially great for any business dealing in PII, financial data, or legal – for the default servicing industry, this is the triple threat that makes security high-priority across the organization. One of the best strategies to ensure data security is data segregation.

The goal is to ensure only the individuals who are authorized to view certain data sets have access to them – and that while that access is secure, it remains easy and convenient for the team members who need the data to do their job.

It’s easiest to envision a complete data segregation strategy by visualizing the way a layered, segmented security protocol works on physical documents. The familiar layers of security are present for most hard copies of documents in the physical world.

• a property gateway (potentially with a security guard) exists, verifying access to the property.
• the building entrance uses a badge reader or biometric scan, and a secondary badge entrance would provide further segregated access to a particular wing.
• within the wing, even fewer key cards would grant access to certain hallways or individual rooms.
• a physical key is required to unlock a particular cabinet full of sensitive files.

In this example, there are up to six layers of security present between the “outside world” and the sensitive information, each of which limits access in steps. Could an outside unknown malicious actor get access to a document in the file cabinet (without the use of “Hollywood writers”)? The short answer is no – the only people that could do harm in this scenario are a very limited number of internal employees, restricted by the many layers of access and significantly narrowing down potential threats.

What if one of those layers is compromised, like the lock on the cabinet? Even with one or two less layers of security, the documents themselves are still secure from outside access. Risk probability decreases exponentially after each layer of security in place.

An equivalent layered segregation process is the best approach to ensure a secure environment for digital data. For example:

• A VPN gateway functions as the property access, with as many as eight factors of verification in this “front line” defense: a username and password, with multi-factor authentication (MFA) tokens matching the PC/Device, IP Address/location, a one-time PIN from Authenticator, mobile device registration for authenticating devices, and FaceID on the authenticated device.
• Firewall/security rules work as the building key card: after VPN connection is established, the VPN client with an Endpoint Security Profile can determine what access is allowed based on the user’s account and group membership, denying or granting specific IP/port access.
• Application authentication represents key card access to specific rooms and hallways, and is separately managed in a similar way to the VPN (factors include Internal WebUIs, File Shares, RDP, SSH, and a different username/password requiring a new MFA)
• Finally, the file cabinet lock is represented by specific application access – after authentication in the previous steps, what data is available to that authenticated user in the specific application? This is the final step to ensuring the right data is available readily to users who need it, and can also determine read/write permissions, modification availability, etc.

Final questions to consider around data segregation, from our in-house experts:

Q: How many layers does our company NEED?

A: One layer, even with MFA, is no longer enough. Companies should have AT MINIMUM two layers each with their own multi-factor authentication before classified/protected information can be reached.

Q: Which technologies are most important to secure?

A: Endpoint security for physical devices (laptops, phones, etc.) through which employees can access classified information is most important. Authentication and file transfers for Unified Messaging technologies (email, IM, phone, online conference, voicemail) is second most important. Web based interfaces, applications, and connections would be third on the list. These are the big three that absolutely NEED their own layers of security, including MFA.