IT That Speaks
GLBA
Your examiner won’t care that your MSP “handles security.” They’ll ask for your Safeguards Rule documentation, your email archive policy, and your incident response plan. We make sure you have all three before they ask.
What Keeps Mortgage & Title Firms Up at Night
You handle some of the most sensitive financial data in any transaction. Every closing file contains SSNs, bank accounts, and loan details. These are the IT problems most firms live with.
π§ Closing Documents in Unencrypted EmailLoan officers and closers email HUDs, settlement statements, and title commitments with SSNs and bank account numbers β unencrypted, unarchived, unprotected. One compromised inbox and every closing in that thread is exposed. We deploy encrypted email and secure document portals. | πΈ Wire Fraud Targeting ClosingsBusiness email compromise targeting real estate closings is the #1 wire fraud vector. Spoofed emails redirect six-figure wire transfers to criminal accounts. We deploy email authentication, domain monitoring, and verification workflows that catch fraud before the wire goes out. |
π No Safeguards Rule DocumentationGLBA’s Safeguards Rule requires a written information security plan, designated security coordinator, risk assessment, and vendor management program. Most small mortgage and title firms don’t have any of it β until an examiner asks. We build and maintain living compliance documentation. | π» Closing Data on Unprotected DevicesLoan processors and title agents carry laptops to closings with years of settlement files, borrower SSNs, and financial records β no encryption, no endpoint protection, no remote wipe capability. One lost laptop triggers breach notification for every borrower in those files. |
Compliance Frameworks We Know Cold
Mortgage and title companies operate under overlapping federal and state regulations. We build your IT around these frameworks β not as an afterthought.
GLBASafeguards Rule, written security plan, risk assessment, vendor management, incident response | RESPAReal Estate Settlement Procedures Act, disclosure requirements, communication retention | CFPBConsumer Financial Protection Bureau requirements, data handling, consumer privacy obligations | MD PIPAMaryland Personal Information Protection Act, breach notification, data retention requirements |
ALTA Best Practices
NIST CSF
MD Dept of Financial Regulation
What Lewis IT Delivers for Mortgage & Title
Security and compliance that lets you focus on closings β not your IT.
Secure Closing PortalEncrypted document exchange for settlement statements, HUDs, and title commitments. Eliminates unprotected email as the primary document delivery method. | Wire Fraud PreventionDMARC/DKIM/SPF email authentication, domain monitoring, callback verification workflows, and staff training for BEC attacks targeting closings. | Email Encryption & ArchivingAutomatic encryption for emails containing NPI. Compliant archiving with search and retention policies for GLBA and RESPA requirements. |
Safeguards DocumentationWritten information security plan, risk assessments, incident response procedures, and vendor management documentation β living documents, always audit-ready. | Endpoint ProtectionFull-disk encryption, EDR, DLP policies, and remote wipe on every device that touches borrower data. Laptops, desktops, and mobile devices. | LOS & Title Software SupportPlatform support for Encompass, Calyx, SoftPro, RamQuest, and ResWare environments. Hosting, updates, and integration management. |
Your Borrowers Trust You With Their Data
Let’s talk about what GLBA-compliant IT looks like for your firm β and how to protect your closings before the next examiner visit.