6 Cybersecurity Tips for Real Estate Agents

Real Estate Technology Trends CRM Technology Trends

In the wake of the Equifax breach, it's important for individuals and businesses to revisit their cybersecurity practices. Many small businesses operate under the presumption that they're unlikely to be targeted by hackers, but this is simply untrue - according to one source, over half of all attacks are against small business owners. This is especially worrying for real estate agents and Realtors, who handle sensitive data and personally identifying information on a daily basis. Check below for a few tips that can help you massively increase your cybersecurity profile with very little effort.

1. Don't click on email links, attachments, or images unless they are from a trusted source

These sorts of clickable events are commonly used to download malware on to your computer or handheld device. If you need to click a link or open an attachment, closely examine the sender's email address first: make sure that the email was sent from the correct address. Attackers often slightly change the address (e.g., info@amazon-payments.com instead of info@amazon.com) to convince you that their email is legitimate. If in doubt, contact customer support for the product or service in question and verify that the email is from them.

2. Avoid unsecured, public Wi-Fi connections

You should never work with sensitive information over a public Wi-Fi connection. When you're working on a public Wi-Fi network, even novice hackers can eavesdrop on your activities and record all data sent to and from your device, such as passwords.

This rule also applies to mobile devices. Many phones are set to automatically connect to Wi-Fi networks in their vicinity. Unless you have a good reason to keep this setting active, you should disable it so that your phone doesn't connect to unsecured networks.

If you frequently find yourself needing to use public Wi-Fi, it's best to secure your communications by using a VPN.

3. If you're using a CRM, make sure that the site and associated data is served securely

When speaking about HTTPS, you'll sometimes hear the terms "Transport Layer Security" (TLS) or "Secure Sockets Layer" (SSL); for the sake of simplicity we'll continue referring to this form of security as HTTPS. On the web, anything that is not served over HTTPS is vulnerable to something called a man-in-the-middle attack.

When you're accessing a website via HTTP, the data that you send and receive from that computer is unencrypted. This means that anyone can listen in on your communications and, if they want, malicious users can even alter that information. Traffic served over HTTPS is encrypted by default, making it much harder for hackers to access your sensitive data.

If you're using a CRM - especially if you work with sensitive or personally identifying information within that CRM - you'll want to make sure that every part of that application is secure. For a quick evaluation, look at your URL bar to find a visual indication that the site you're on is served over HTTPS.


Chrome browser HTTPS indication


Firefox browser HTTPS indication

Internet Explorer

Internet Explorer HTTPS indication

There are, of course, other security considerations to be made. To make sure that your data and the data of your clients is handled safely, you should check with your CRM provider to see what security measures they have in place. And while we're on the topic of HTTPS....

4. Don't put credit card or bank information into a non-HTTPS form

If you're ever making a purchase online or providing personally identifying information using an online form, you should only do so if the website is served over HTTPS. Without HTTPS, you'll run into the same issues detailed above - whatever information you've entered into that form (e.g., your credit card number, social security number, etc.) can be intercepted by hackers.

5. Get your site up and running with HTTPS

If you're processing payments on your own company website, you should definitely be using HTTPS. This will help protect your users' information and save you a lot of legal trouble down the road should you be targeted by hackers.

If you do not deal with sensitive data on your website, you should still consider protecting your site with HTTPS. Why? Because Google and other browsers are slowly but surely taking action against non-secure websites. Google recently stated that they would start marking pages served over HTTP as "Not Secure" in Chrome. This change to the Chrome browser applies to any webpage where the user can input data.

However, Google has signaled that it wants to eventually flag all webpages not served over HTTPS as "Not Secure". So if you're company website is served over HTTP, this will be the first thing your customer sees:

Chrome HTTP warning

Although it used to be a hassle to acquire and maintain security certificates for HTTPS, there are now many free services that facilitate simple setup. CloudFlare is one such service that can help you get started with HTTPS quickly and easily. On top of that, CloudFlare can speed up your website, which will improve search engine optimization (SEO).

If you're thinking about making the jump to HTTPS but you don't feel tech-savvy enough to do it, it's best to consult with an IT professional.

6. Make sure your clients are aware of these security tips

Finally, make sure your clients are following these same guidelines:

  • They should be wary of clicking on email links, attachments, or images.
  • They should verify that email communications with your business are from your domain. If your email address is @abc.com, your clients need to make sure that emails from your business come from @abc.com and not something similar like @abc-realty.com.
  • They should not send you sensitive information over non-secure and/or public Wi-Fi networks.

As a real estate agent or Realtor, you work closely with your clients and have access to some of their most sensitive data. By encouraging them to follow these security guidelines, you help safeguard them against attack even after you've got them settled in their cozy new home.

Article by REALToDo Real Estate CRM, a simple CRM for real estate agents. Did you find this article useful, flawed, or downright offensive? Let us know in the comments! If you enjoyed the article and want to see more, like us on Facebook and follow us on Twitter!

Please note that realtodo.com participates in the Amazon Services LLC Associates Program. We're enrolled in this program largely to comply with copyright laws, but this does mean that we earn fees by linking to Amazon.com and affiliated sites. Look here to see more details on the Amazon Associates Program and why we're enrolled.

Author image

About James Royce Threadgill

Founder of UbiquiTools LLC. Coder/creator of REALToDo real estate CRM. Chemical engineer that previously worked in gene therapy and green plastics before founding UbiquiTools.