Learn about our commitment to ensuring your data won’t end up in the wrong hands.
The most important step in data protection is making sure you have the right people carrying out the right procedures. Without this, most other forms of protection are not as resilient.
Our hiring policy requires all employees to undergo background checks, and many of our employees are state-licensed professionals. All of our employees receive security training. Most importantly, access to all systems is restricted, and only people the “need to know” will review your data.
On the technical front, our developers have undergone extensive technical security training. We regularly review our code for potential vulnerabilities. Additionally, we use modern web development technologies that have built-in protection against the most commonly used exploits.
Encryption is a way of scrambling your data so that only trusted parties can read it. We use regularly updated SSL certificates so you can always verify and trust that you are communicating with our website. Once the data is stored in a database, all sensitive information is secured in an encrypted format.
We regularly review our code for security vulnerabilities, and keep up to date on the newest technologies to stay ahead of the attackers. We use automated vulnerability scanners to detect and alert us of any potential gaps in our defenses.
User access and permissions are only granted on a need to know basis.
For an extra level of protection, we use two factor authentication.
Passwords are hashed and salted and have strict entropy requirements.
All sensitive data is scrambled with bank-level encryption both at rest and in transit.
Any user with suspicious behavior is automatically locked out of the system.
We stay up to date with development best practices, such as OWASP Top 10.
Rest assured, we have put a combination of approaches into place, encompassing people, technical processes and physical systems. Even though it can be stressful getting a mortgage, we hope to prevent additional stress by ensuring your financial and personal information is safeguarded.