Darren Kruk Reveals the New Technology Threat

The September edition of HW Focus features an article authored by Safeguard’s Darren Kruk, information security officer, titled New Technology Threat.

New technology threat
How vendors can help keep mortgage servicer information secure

Before the world of mobile phones, pagers, tablets and other “electronic leashes” that are part of daily life today, life was much simpler. People handed out their Social Security numbers with no concerns about thieves using that information to steal their money or identities.

Were there fewer criminals in the world then? Probably not. It’s just that advances in technology have given criminals new avenues to access and exploit electronic information for their own monetary gain.

Each year, technology races forward and brings new innovations and, with it, new exploitations. Protecting confidential information from exposure to new threats is like playing a game of Whack-a-Mole. Those trying to protect information have to stay one step ahead of the criminals who are trying to steal it.

Mortgage servicers and their field service partners are a part of that game. Just as technology is ever-changing, information security continuously must evolve to meet new threats and comply with changing regulatory requirements designed to protect the privacy and security of citizens.

As main vendors for the mortgage servicing industry, field service companies store a lot of confidential property data on behalf of their mortgage servicing clients. As such, they must adhere to the same information security guidelines to meet compliance requirements on behalf of their clients.

Also, field service companies must stay one step ahead of advances in mobile devices, cloud technology and social networking. The reason? Though they bring many benefits, they also present a number of threats.

Mobile devices
Mobile devices have quickly brought the world closer together, allowing people to connect as never before. Our mobile devices are more than phones. They are our online banks, music repositories, contact lists, shopping assistants, and our source for airline tickets, maps, books, email and countless other activities.

In the field services industry, mobile devices also have become a valuable tool to help inspectors and contractors access and update work orders, meet timelines, instantly report property condition and damages, and protect properties from costly damage and code violations.

As the use of mobile devices in field servicing grows, so do the security risks. To protect the security of information transmitted through mobile devices, field service companies must educate and train their contractors using these devices on policies and procedures to keep information secure and minimize security threats.

Among the threats are exposure to cell provider networks that can be hacked, lack of firewalls, and malicious software in downloadable applications that can steal information. Because field service companies and their contractors of necessity must connect with the information systems of mortgage servicers, each can expose the other to potential security breaches.

Field service companies can assure that the information collected on their contractors’ mobile devices is secure by developing their own customized applications. For example, mobile applications should not be able to send or store any information on a customer’s loan or personal information, only the address of the properties the vendors are visiting. This is the easiest way to ensure information does not fall into the wrong hands.

However, even if contractors do not house sensitive information on their phones, field service companies must still ensure that any information collected is not easily accessible. This can be controlled in several ways. The first is to require a username and password that ties directly back to the field servicing company’s internal systems. A user should have to log in with their credentials before gaining access information. After a set period of inactivity, the application should log the user out of the application and require them to log back on.

Any data stored on the phone should be stored in what is referred to as a “sandbox”. Sandbox data cannot be accessed by an individual from their device outside of the application. Nor can they pull information from their devices if they connect to a personal computer.

Cloud technology
While cloud technology is the latest buzz for technologists, companies should tread carefully and understand not only the benefits, but also the risks. Any new technology is an attacker’s dream, as companies often shift to it before they fully understand all of the vulnerabilities. Cloud services are especially vulnerable because they are quickly becoming repositories for large quantities of information, much of it confidential.

Many security experts fear that the next big hack will be to a single cloud service provider because of the ability to compromise multiple companies through a single source. For example, if a hacker has the option to hack 10 companies independently or attack the cloud provider that 10 different companies use as their application service provider, the hacker’s effort will have more impact by attacking the cloud provider.

Until better certifying authority and standards are developed, such as those from the International Organization for Standardization, field service companies and their servicing clients should use cloud services and other new technologies for noncritical, nonconfidential data only.

Social networking
Social networks such as Facebook and Twitter, which connect users through an expansive cloud-sourcing community web, have advanced beyond helping people find old friends and maintain contact with family and friends across the globe. Businesses now rely on them to supplement their marketing and customer outreach efforts.

At the same time, many businesses have had to implement policies on social network usage during work hours because of productivity issues, reputational risks and, most importantly, security threats when employees access these services through company systems.

Hackers are creating new, complex computer viruses that can morph and be delivered to company systems through social networking sites. Work computers and company systems are vulnerable to these viruses when employees download the latest game or viral video. It is important for servicers and field service companies to create policies about social networking that block employee access to prevent potential attacks.

Times have changed when it comes to technology and the way field service companies obtain and relay information to their contractors and their mortgage servicing clients. To take advantage of the efficiencies these technologies bring, and also guard against the potential threats to security, it is imperative that field service companies implement, monitor, evaluate and update their policies and procedures to keep confidential information safe, assuring that their mortgage servicing clients maintain compliance.

Darren Kruk is the information security officer for Safeguard Properties, the largest field services provider in the U.S. He joined Safeguard in 2006 and is responsible for all policies and procedures to protect the security of sensitive client and corporate information.

Please click here to view the article in PDF.

About Safeguard 
Safeguard Properties is the largest mortgage field services company in the U.S. Founded in 1990 by Robert Klein and based in Valley View, Ohio, the company inspects and maintains defaulted and foreclosed properties for mortgage servicers, lenders,  and other financial institutions. Safeguard employs approximately 1,700 people, in addition to a network of thousands of contractors nationally. Website: www.safeguardproperties.com.

x

CHIEF EXECUTIVE OFFICER

Alan Jaffa

Alan Jaffa is the chief executive officer for Safeguard, steering the company as the mortgage field services industry leader. He also serves on the board of advisors for SCG Partners, a middle-market private equity fund focused on diversifying and expanding Safeguard Properties’ business model into complimentary markets.

Alan joined Safeguard in 1995, learning the business from the ground up. He was promoted to chief operating officer in 2002, and was named CEO in May 2010. His hands-on experience has given him unique insights as a leader to innovate, improve and strengthen Safeguard’s processes to assure that the company adheres to the highest standards of quality and customer service.

Under Alan’s leadership, Safeguard has grown significantly with strategies that have included new and expanded services, technology investments that deliver higher quality and greater efficiency to clients, and strategic acquisitions. He takes a team approach to process improvement, involving staff at all levels of the organization to address issues, brainstorm solutions, and identify new and better ways to serve clients.

In 2008, Alan was recognized by Crain’s Cleveland Business in its annual “40-Under-40” profile of young leaders. He also was named a NEO Ernst & Young Entrepreneur of the Year® finalist in 2013.

x

Chief Operating Officer

Michael Greenbaum

Michael Greenbaum is the chief operating officer for Safeguard. Mike has been instrumental in aligning operations to become more efficient, effective, and compliant with our ever-changing industry requirements. Mike has a proven track record of excellence, partnership and collaboration at Safeguard. Under Mike’s leadership, all operational departments of Safeguard have reviewed, updated and enhanced their business processes to maximize efficiency and improve quality control.

Mike joined Safeguard in July 2010 as vice president of REO and has continued to take on additional duties and responsibilities within the organization, including the role of vice president of operations in 2013 and then COO in 2015.

Mike built his business career in supply-chain management, operations, finance and marketing. He has held senior management and executive positions with Erico, a manufacturing company in Solon, Ohio; Accel, Inc., a packaging company in Lewis Center, Ohio; and McMaster-Carr, an industrial supply company in Aurora, Ohio.

Before entering the business world, Mike served in the U.S. Army, Ordinance Branch, and specialized in supply chain management. He is a distinguished graduate of West Point (U.S. Military Academy), where he majored in quantitative economics.

x

CHIEF INFORMATION OFFICER

Sean Reddington

Sean Reddington is the new Chief Information Officer for Safeguard Properties LLC. Sean has over 15+ years of experience in Information Services Management with a strong focus on Product and Application Management. Sean is responsible for Safeguard’s technological direction, including planning, implementation and maintaining all operational systems

Sean has a proven record of accomplishment for increasing operational efficiencies, improving customer service levels, and implementing and maintaining IT initiatives to support successful business processes.  He has provided the vision and dedicated leadership for key technologies for Fortune 100 companies, and nationally recognized consulting firms including enterprise system architecture, security, desktop and database management systems. Sean possesses strong functional and system knowledge of information security, systems and software, contracts management, budgeting, human resources and legal and related regulatory compliance.

Sean joined Safeguard Properties LLC from RenPSG Inc. which is a nationally leading Philintropic Software Platform in the Fintech space. He oversaw the organization’s technological direction including planning, implementing and maintaining the best practices that align with all corporate functions. He also provided day-to-day technology operations, enterprise security, information risk and vulnerability management, audit and compliance, security awareness and training.

Prior to RenPSG, Sean worked for DMI Consulting as a Client Success Director where he guided the delivery in a multibillion-dollar Fortune 500 enterprise client account. He was responsible for all project deliveries in terms of quality, budget and timeliness and led the team to coordinate development and definition of project scope and limitations. Sean also worked for KPMG Consulting in their Microsoft Practice and Technicolor’s Ebusiness Division where he had responsibility for application development, maintenance, and support.

Sean is a graduate of Rutgers University with a Bachelor of Arts and received his Masters in International Business from Central Michigan University. He was also a commissioned officer in the United States Air Force prior to his career in the business world.

x

General Counsel and Executive Vice President

Linda Erkkila, Esq.

Linda Erkkila is the general counsel and executive vice president for Safeguard and oversees the legal, human resources, training, and compliance departments. Linda’s responsibilities cover regulatory issues that impact Safeguard’s operations, risk mitigation, enterprise strategic planning, human resources and training initiatives, compliance, litigation and claims management, and mergers, acquisition and joint ventures.

Linda assures that Safeguard’s strategic initiatives align with its resources, leverage opportunities across the company, and contemplate compliance mandates. Her practice spans over 20 years, and Linda’s experience covers regulatory disclosure, corporate governance compliance, risk assessment, executive compensation, litigation management, and merger and acquisition activity. Her experience at a former Fortune 500 financial institution during the subprime crisis helped develop Linda’s pro-active approach to change management during periods of heightened regulatory scrutiny.

Linda previously served as vice president and attorney for National City Corporation, as securities and corporate governance counsel for Agilysys Inc., and as an associate at Thompson Hine LLP. She earned her JD at Cleveland-Marshall College of Law. Linda holds a degree in economics from Miami University and an MBA. In 2017, Linda was named as both a “Woman of Influence” by HousingWire and as a “Leading Lady” by MReport.

x

Chief Financial Officer

Joe Iafigliola

Joe Iafigliola is the Chief Financial Officer for Safeguard. Joe is responsible for the Control, Quality Assurance, Business Development, Accounting & Information Security departments, and is a Managing Director of SCG Partners, a middle-market private equity fund focused on diversifying and expanding Safeguard Properties’ business model into complimentary markets.

Joe has been in a wide variety of roles in finance, supply chain management, information systems development, and sales and marketing. His career includes senior positions with McMaster-Carr Supply Company, Newell/Rubbermaid, and Procter and Gamble.

Joe has an MBA from The Weatherhead School of Management at Case Western Reserve University, is a Certified Management Accountant (CMA), and holds a bachelor’s degree from The Ohio State University’s Honors Accounting program.

x

AVP, High Risk and Investor Compliance

Steve Meyer

Steve Meyer is the assistant vice president of high risk and investor compliance for Safeguard. In this role, Steve is responsible for managing our clients’ conveyance processes, Safeguard’s investor compliance team and developing our working relationships with cities and municipalities around the country. He also works directly with our clients in our many outreach efforts and he represents Safeguard at a number of industry conferences each year.

Steve joined Safeguard in 1998 as manager over the hazard claims team. He was instrumental in the development and creation of policies, procedures and operating protocol. Under Steve’s leadership, the department became one of the largest within Safeguard. In 2002, he assumed responsibility for the newly-formed high risk department, once again building its success. Steve was promoted to director over these two areas in 2007, and he was promoted to assistant vice president in 2012.

Prior to joining Safeguard, Steve spent 10 years within the insurance industry, holding a number of positions including multi-line property adjuster, branch claims supervisor, and multi-line and subrogation/litigation supervisor. Steve is a graduate of Grove City College.

x

AVP, Operations

Jennifer Jozity

Jennifer Jozity is the assistant vice president of operations, overseeing inspections, REO and property preservation for Safeguard. Jen ensures quality work is performed in the field and internally, to meet and exceed our clients’ expectations. Jen has demonstrated the ability to deliver consistent results in order audit and order management.  She will build upon these strengths in order to deliver this level of excellence in both REO and property preservation operations.

Jen joined Safeguard in 1997 and was promoted to director of inspections operations in 2009 and assistant vice president of inspections operations in 2012.

She graduated from Cleveland State University with a degree in business.

x

AVP, Finance

Jennifer Anspach

Jennifer Anspach is the assistant vice president of finance for Safeguard. She is responsible for the company’s national workforce of approximately 1,000 employees. She manages recruitment strategies, employee relations, training, personnel policies, retention, payroll and benefits programs. Additionally, Jennifer has oversight of the accounts receivable and loss functions formerly within the accounting department.

Jennifer joined the company in April 2009 as a manager of accounting and finance and a year later was promoted to director. She was named AVP of human capital in 2014. Prior to joining Safeguard, she held several management positions at OfficeMax and InkStop in both operations and finance.

Jennifer is a graduate of Youngstown State University. She was named a Crain’s Cleveland Business Archer Award finalist for HR Executive of the Year in 2017.

x

AVP, Application Architecture

Rick Moran

Rick Moran is the assistant vice president of application architecture for Safeguard. Rick is responsible for evolving the Safeguard IT systems. He leads the design of Safeguard’s enterprise application architecture. This includes Safeguard’s real-time integration with other systems, vendors and clients; the future upgrade roadmap for systems; and standards designed to meet availability, security, performance and goals.

Rick has been with Safeguard since 2011. During that time, he has led the system upgrades necessary to support Safeguard’s growth. In addition, Rick’s team has designed and implemented several innovative systems.

Prior to joining Safeguard, Rick was director of enterprise architecture at Revol Wireless, a privately held CDMA Wireless provider in Ohio and Indiana, and operated his own consulting firm providing services to the manufacturing, telecommunications, and energy sectors.

x

AVP, Technology Infrastructure and Cloud Services

Steve Machovina

Steve Machovina is the assistant vice president of technology infrastructure and cloud services for Safeguard. He is responsible for the overall management and design of Safeguard’s hybrid cloud infrastructure. He manages all technology engineering staff who support data centers, telecommunications, network, servers, storage, service monitoring, and disaster recovery.

Steve joined Safeguard in November 2013 as director of information technology operations.

Prior to joining Safeguard, Steve was vice president of information technology at Revol Wireless, a privately held wireless provider in Ohio and Indiana. He also held management positions with Northcoast PCS and Corecomm Communications, and spent nine years as a Coast Guard officer and pilot.

Steve holds a BBA in management information systems from Kent State University in Ohio and an MBA from Wayne State University in Michigan.

x

Assistant Vice president of Application Development

Steve Goberish

Steve Goberish, is the assistant vice president of application development for Safeguard. He is responsible for the maintenance and evolution of Safeguard’s vendor systems ensuring high-availability, security and scalability while advancing the vendor products’ capabilities and enhancing the vendor experience.

Prior to joining Safeguard, Steve was a senior technical architect and development manager at First American Title Insurance, a publicly held title insurance provider based in southern California, in addition to managing and developing applications in multiple sectors from insurance to VOIP.

Steve has a bachelor’s degree from Kent State University in Ohio.