“It Just Started Doing This…”
There are gremlins in your computer.
You sit down, click the icon to connect to your Internet account, and get
ready to check your email.
Suddenly, your modem clicks a bit, and then begins re-dialing the Internet. Your browser pops open another window, all by itself, and you’re presented with a page of pornographic filth so startling and repulsive in content that your first instinct is to quickly close the offending browser window, and cast an eye over your shoulder to see if the kids are watching.
You continue to open your email program, but suddenly it happens again! Your modem spontaneously hangs up the line, then immediately begins to re-dial, for no apparent reason.
You’ve been highjacked, and infected with a “porn dialer”, which automatically dials a (sometimes) long-distance number, connects to the Internet, and then forces you to a pornographic web site. You’ve been very careful to keep your anti-virus software up to date, and you never open suspicious emails. You even tried to get your REALTOR® Association to drop you from their mailing list, because you were afraid their communications might carry virus infections. Why, and more importantly how, did this happen to your carefully protected computer?
In the last few weeks, I’ve had occasion to hear the tales of woe from two of our NSDCAR members, whose computers were hopelessly infested with spy ware, ad ware, and porn dialers. They had taken all the usual precautions, to no avail. But what they both had in common was one HUGE contributing factor; in both cases, an adolescent relative was using their business computer system, which was also their home PC.
Why, pray tell, would anyone allow a teen or child to use their business computer? Simple… it’s too expensive to provide a PC for every member of the family, and close supervision of their children’s online activity is usually deemed enough caution for the situation.
Bad news, folks… “Close” supervision is absolutely NOT ENOUGH!!! And anti-virus software is now, in today’s Internet threat environment, only one-third of the necessary protection suite. You need ad-ware and spy-ware protection, and a personal firewall, as well, to avoid handing your machine to a hacker for criminal pursuits.
A child, even an eighteen-year-old, does not have the social skills and technical training, in most cases, to make reasonable decisions about how to respond to a pop-up window, what Internet web sites represent a risk, and how to detect and respond to invasive software running on your PC. Kids are tempted by alluring advertisements of “forbidden fruit”, such as lurid images of naked girls or promises of the greatest new toy since the Yo-Yo, or an interactive graphic that lets them "Shoot the Duckies". A window pops up, they click the “close” button in the upper right corner, and they investigate no further. Or, the window pops up, the promise within the window is too great to ignore, and they click on the button that takes them immediately to the website, at which point it’s too late, if browser and firewall configurations are not set up correctly. The “invader” is through the gate, over the moat, and taking up residence in your digital domain, ready to turn your computer into a nuisance, or even transform it into a “spam hydrant”, broadcasting filth and annoyance to thousands of other Internet users, every time it runs.
Most of the current operating systems in use today allow for individual user accounts to be set up on the machine, so that each user who “logs in” gets their own preferences for color, desktop appearance, browser settings, document storage locations, etc. Yet, almost none of the computers I’ve serviced in recent months has these amenities set up and working, and many users don’t even know they exist.
Your child, or your 18-year-old brother-in-law, or even your grandma should never sit down to your computer and be granted access to your important client information. And if that information contains ANY personally identifiable information or credit and banking information, allowing others access to it may be subjecting you to a real risk of state or federal prosecution. If you collect information about people as a business function, you are responsible for the safeguarding and any distribution of that information. It’s a serious matter, and one that gets almost no attention. After all, the computer’s locked in your house, and you don’t allow “strangers” to use it, do you? Well, from a legal perspective, anyone that’s not directly in your employ, and who has access to your data, represents a liability risk to your business or real estate license. You may be asked, at some point, to surrender your computer for forensic investigation. And in today’s post-911 “Homeland Security” environment, a warrant is not even needed. If you cannot prove that you’ve exercised due diligence in protecting your clients’ sensitive information, you could be facing loss of your liability insurance, loss of your license, and even fines and jail terms. And are you really sure that there are NO illegal pictures on your computer? Do you know FOR SURE the name and location of every file your grandchild or son-in-law or guest has downloaded? Is every software program on your computer legally licensed for your use, and can you produce the silly cardboard certificate that came in the package? If the FBI had direct access to your hard disk and its contents, would you be absolutely comfortable with that?
Identity theft is a multi-billion- (with a ‘b’) dollar drain on our national economy, and computer-based businesses will soon face a plethora of new legislation to combat these crimes and losses. And few industries, at this point in time, are as deeply involved in a technological metamorphosis, as is the business of real estate. Taking a few extra steps to ensure compliance with state and federal mandates, and to protect the business side of your computer from idle fingers and eyeballs, is just good business and just common sense.
I would strongly urge any REALTOR® to keep their business computer separate from their household PC. If this is just too expensive a proposition, then at least hire an expert to configure your computer with user accounts for each family member, granting them access to only the applications and folders that do not contain client and business information.
I would also urge every real estate practitioner to begin planning and implementing a backup strategy, that gives them the safety net of having all of their important information and contacts stored on removable media, for quick recovery in the event of a disastrous infection or hardware failure.
We can no longer afford to “assume” the best until the worst happens. We can no longer view computer “paranoia” as negative thinking, and rest in the assurance that if you don’t invite an attack, it won’t happen. And we certainly can’t assume that “those kids are great with computers… I don’t worry about little Katy being online… she knows the rules”.
Real estate practitioners, who often work independently and own their own technological business solutions, are, in this author’s opinion, some of the worst informed and least-protected Internet users. For years, we’ve gotten by with the bare minimum of computer protection, except in large corporate offices with IT budgets and sophisticated networking technology.
Stop and smell the breezes… the wind has shifted, and our industry will soon be subject to more and more scrutiny, more and more legislation of necessary computing practices, and more and more litigation over unprotected intellectual assets and theft of personally identifiable information. Take the time, NOW, to learn what you need to know, to protect yourself and your clients from the worst the World Wide Web has to offer. Then, learn how to use the best of the Web to take your real estate endeavors to the next level. It’s your industry… shape it. Or, choose to let your government, legislators, and law enforcement shape it for you!