The Information-Security Challenge: The Mortgage Bankers Association Recently Issued a Comprehensive Study of Mortgage Industry Information-Security Requirements. the Study Also Outlines a Five-Step Model for Information Assurance That's Tailored to Residential and Commercial Lenders' Compliance Needs

By Schlecht, R. J. | Mortgage Banking, December 2006 | Go to article overview

The Information-Security Challenge: The Mortgage Bankers Association Recently Issued a Comprehensive Study of Mortgage Industry Information-Security Requirements. the Study Also Outlines a Five-Step Model for Information Assurance That's Tailored to Residential and Commercial Lenders' Compliance Needs


Schlecht, R. J., Mortgage Banking


Whatever happened to the vision of the easy exchange of information in the 21st century? The Internet was presented as the stage for a new business model where customers, employees and partners would drive business to new heights by communicating via a broad range of media, applications and connectivity. [??] Customers would be able to obtain services and manage accounts through multiple user-friendly tools. Employees could work anywhere at anytime. Trading partners would be connected through a multitude of interfaces, using a variety of savvy methods of communication. And all of this activity would be fueled by seamless connections to databases throughout cyberspace. [??] When the Internet protocol was created, it was designed through a U.S. Defense Department research project, with the main design goal of providing a network that would survive cataclysmic events causing massive disruption (read: nuclear explosions) and be able to route around the affected area, resulting in the rest of the network maintaining connectivity and communication.

The protocol has been put to the test as recently as 2005--when Hurricanes Katrina and Wilma disrupted all electronic connectivity in Louisiana and Florida--and the Internet routed around the areas.

What was not contemplated in its design was network-layer security. Therefore, it was reasoned, security would be added on an as-needed basis at the application or system level.

The door to the utopian open exchange of all information is closing, and fast. The reality of viruses, hackers, phishing, pharming, lost tapes and laptops--not to mention the persistence of plain old fraud--has changed that idealistic vision. Now, the latest news stories are not just "Gee whiz!," but also "Danger, danger, Will Robinson!" The compromise of nonpublic personal information, corporate misrepresentation of finances and even increased threats to our children are headlining the stories we read today.

Regulators and legislators have been listening and reacting to these developments. Regardless of whether the source of risk is terrorism, criminal activity, or vulnerable databases and poor security practices, firms now must meet new standards established to safeguard our physical, corporate and consumer safety. A whole slew of new legal and regulatory requirements have been imposed on business as a result of a range of new risks that are now apparent.

The Enron Corporation and WorldCom scandals drove the U.S. Congress to legislate improved controls over public companies' financial records. The Sarbanes-Oxley Act of 2002 and the Public Company Accounting Reform and Investor Protection Act established specific accountability for boards of directors, management and auditors as to the correctness and accuracy of financial reports.

The USA PATRIOT Act was signed into law in response to the Sept. 11, 2001, terrorist attacks against the United States. A portion of that statute defines requirements for businesses to better understand who their customers are before engaging in financial transactions.

In February 2005, Alpharetta, Georgia-based ChoicePoint Inc. suffered a major information-security breach that led to the unauthorized disclosure of nearly 163,000 personal and nonpublic information records, according to the Federal Trade Commission (FTC). What triggered the public announcement of this breach was the California Security Breach Information Act (California S.B. 1386). That law requires organizations holding the personal information records of California state residents to notify those residents should a security breach occur that results in the unauthorized and unencrypted disclosure of those records.

Since the California security-breach legislation, more than 30 states have enacted similar versions of breach and notifications laws, and similar legislation has been proposed at the federal level.

The breath, depth and multitude of federal- and state-enacted legislation has had a significant impact on mortgage lending. …

The rest of this article is only available to active members of Questia

Already a member? Log in now.

Notes for this article

Add a new note
If you are trying to select text to create highlights or citations, remember that you must now click or tap on the first word, and then click or tap on the last word.
One moment ...
Default project is now your active project.
Project items
Notes
Cite this article

Cited article

Style
Citations are available only to our active members.
Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

(Einhorn, 1992, p. 25)

(Einhorn 25)

(Einhorn 25)

1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

Note: primary sources have slightly different requirements for citation. Please see these guidelines for more information.

Cited article

The Information-Security Challenge: The Mortgage Bankers Association Recently Issued a Comprehensive Study of Mortgage Industry Information-Security Requirements. the Study Also Outlines a Five-Step Model for Information Assurance That's Tailored to Residential and Commercial Lenders' Compliance Needs
Settings

Settings

Typeface
Text size Smaller Larger Reset View mode
Search within

Search within this article

Look up

Look up a word

  • Dictionary
  • Thesaurus
Please submit a word or phrase above.
Print this page

Print this page

Why can't I print more than one page at a time?

Help
Full screen
Items saved from this article
  • Highlights & Notes
  • Citations
Some of your highlights are legacy items.

Highlights saved before July 30, 2012 will not be displayed on their respective source pages.

You can easily re-create the highlights by opening the book page or article, selecting the text, and clicking “Highlight.”

matching results for page

    Questia reader help

    How to highlight and cite specific passages

    1. Click or tap the first word you want to select.
    2. Click or tap the last word you want to select, and you’ll see everything in between get selected.
    3. You’ll then get a menu of options like creating a highlight or a citation from that passage of text.

    OK, got it!

    Cited passage

    Style
    Citations are available only to our active members.
    Buy instant access to cite pages or passages in MLA 8, MLA 7, APA and Chicago citation styles.

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn, 1992, p. 25).

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences." (Einhorn 25)

    "Portraying himself as an honest, ordinary person helped Lincoln identify with his audiences."1

    1. Lois J. Einhorn, Abraham Lincoln, the Orator: Penetrating the Lincoln Legend (Westport, CT: Greenwood Press, 1992), 25, http://www.questia.com/read/27419298.

    Cited passage

    Thanks for trying Questia!

    Please continue trying out our research tools, but please note, full functionality is available only to our active members.

    Your work will be lost once you leave this Web page.

    Buy instant access to save your work.

    Already a member? Log in now.

    Search by... Author
    Show... All Results Primary Sources Peer-reviewed

    Oops!

    An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.