Look Out! Compliance Audits From Collection/Foreclosure Firms!

Compliance Audits.....

If you do high volume collections/foreclosures, maybe some of your clients want a compliance audit...

What's that?

They want to send someone out to your office and make sure you really have an office and proper procedures in place to protect their data.

They'll have some questions about your software too. A few of them already know LoyalDog and once you tell them you run LD, they just move on to all the other stuff they will be asking you about. Some important things you will want to remember and tell them about LD:

1) Your data is encrypted at rest and in transit. Your backups are also encrypted. Make sure you always use https:// to hit your program instead of http://

2) There are role-based access permissions in place. This means, you are able to configure certain people to only be allowed to do certain things. We will be posting a video on how to set this up, its pretty cool. Check it out at Configure->Holders--Employee Role Configuration.

3) LDMax is hosted at Amazon in a secure facility: https://aws.amazon.com/security/ The code and database machines are separate and the database machines only talk to the code machines ONLY. Firewalls and IP restrictions are in place.

4) Make sure you change employee passwords every 30-90 days and have a policy for this. LDMax will soon begin alerting you about this.



Unfortunately, once you tell the auditors this... They are going to start looking at other things around your office. They will be looking for:

1) Employees wearing ID cards and needing those cards and/or fingerprint reader to get into the work area.

2) If you have a network server, that it is behind a LOCKED door and nobody has the key except you. I have a customer with a fingerprint reader on the door, its cool.

3) An alarm system.

4) On your workstations, a network server enforcing role/group policies.

5) A GOOD firewall and proper rules on it.

6) You might want a nice well-lit work environment and have your employees wearing a t-shirt with your company logo on it too. It never hurts to look sharp when the auditor comes to town.

7) CCTV cameras and make sure they are of good quality and that everything is recorded on AND off-site.

8) Look organized.

Try to make sure you have a good IT guy on your staff also. It doesn't look good if these people have have questions and nobody there has any answers.

Popular posts from this blog

PAY NOW is HERE!