Firm Security
Security should be job number one for all attorneys. Why? Because we handle confidential computer data, usually nonpublic documents and information that belongs to our clients, not us. We have an ethical duty to protect this information under Rule 1.6 of the ABA Model Rules of Professional Conduct.
In addition to being a residential closing bank attorney, FGTD is also collateral attorney for various lenders whereby we hold and deliver original documents to the new lenders in exchange for the payoff funds. We do this for coop payoffs as well as assignments. For coops we deliver the original Stock Certificate and Proprietary Lease. For assignments we deliver the original Notes, Mortgages, CEMA's and other documents necessary for a CEMA to occur.
There are many new regulations in our industry that have been issued over the last few years that lenders are required to follow to insure that their vendors, including their attorney representation, are monitored and complying with the new security and compliance requirements.
FGTD has successfully implemented and exceeded the Cybersecurity Regulations implemented by Governor Cuomo and have been successfully vetted by several Lending Institutions. We have complied and passed our audit with the High Risk requirements implemented for settlement agents when acting as bailee and holding original collateral and in possession of personal information of borrowers.
If you are a Lending Institution, or a purchaser or seller of Real Estate, and have a specific attorney/representative in New York that you use and you are comfortable that they comply, then you should be protected. However, if you do not and you send your personal information to attorneys that do not have proper security in place, your sensitive personal information may be at risk.
What we have done to comply:
Physical security overhaul including alarm system, surveillance cameras, door locks, and locked, fire-proof cabinets for document storage when necessary. Security system upgrade, including alarm system, video surveillance, panic buttons, IT security room. Restricted access areas locked at all times.
LOCKED Fireproof cabinets to protect original Notes, Stocks, Leases and other valuable collateral in the event of a disaster or theft.
Information security policies, including system hardening procedures, intrusion prevention, anti-virus, content filtering, anti-malware, VPN.
Developed on-boarding and off-boarding procedures as well as training procedures for staff.
Implemented encryption technology for all data in transmission (i.e. email) or at rest (i.e. servers, copiers).
Disabled flash storage capabilities on all copiers and computers. Secure copiers so no one can access and capture any customer confidential or personal information by use of flash drives.
Implemented a Business Continuity plan to protect data/systems, maximize efficiency and minimize downtime. This plan is reviewed and tested on a regular basis by our IT staff. Business Continuity Plan in the event of a disaster, including but not limited to critical third party framework for recovery, notification/escalation process, call lists, restoration plans to ensure business as usual activities are resumed after an event, replacement facilities, off-site backup server.
Record/content retention policy which includes secure destruction guidelines.
Developed an exclusive, customized database for document tracking and Incident Management procedures.
Data loss prevention systems, preventing employee access to social media sites (i.e. Facebook), and personal email (i.e. Gmail). Information Security Policy for social media that prohibits access to all social spaces (Gmail, hotmail, Facebook, Twitter, Tumblr, etc.)
Employee recruitment including background checks.
Confidentiality and Non-disclosure agreement for employees.
Maintenance of malpractice insurance (E and O policy) and Fidelity Bond Coverage.
In addition to being a residential closing bank attorney, FGTD is also collateral attorney for various lenders whereby we hold and deliver original documents to the new lenders in exchange for the payoff funds. We do this for coop payoffs as well as assignments. For coops we deliver the original Stock Certificate and Proprietary Lease. For assignments we deliver the original Notes, Mortgages, CEMA's and other documents necessary for a CEMA to occur.
There are many new regulations in our industry that have been issued over the last few years that lenders are required to follow to insure that their vendors, including their attorney representation, are monitored and complying with the new security and compliance requirements.
FGTD has successfully implemented and exceeded the Cybersecurity Regulations implemented by Governor Cuomo and have been successfully vetted by several Lending Institutions. We have complied and passed our audit with the High Risk requirements implemented for settlement agents when acting as bailee and holding original collateral and in possession of personal information of borrowers.
If you are a Lending Institution, or a purchaser or seller of Real Estate, and have a specific attorney/representative in New York that you use and you are comfortable that they comply, then you should be protected. However, if you do not and you send your personal information to attorneys that do not have proper security in place, your sensitive personal information may be at risk.
What we have done to comply:
Physical security overhaul including alarm system, surveillance cameras, door locks, and locked, fire-proof cabinets for document storage when necessary. Security system upgrade, including alarm system, video surveillance, panic buttons, IT security room. Restricted access areas locked at all times.
LOCKED Fireproof cabinets to protect original Notes, Stocks, Leases and other valuable collateral in the event of a disaster or theft.
Information security policies, including system hardening procedures, intrusion prevention, anti-virus, content filtering, anti-malware, VPN.
Developed on-boarding and off-boarding procedures as well as training procedures for staff.
Implemented encryption technology for all data in transmission (i.e. email) or at rest (i.e. servers, copiers).
Disabled flash storage capabilities on all copiers and computers. Secure copiers so no one can access and capture any customer confidential or personal information by use of flash drives.
Implemented a Business Continuity plan to protect data/systems, maximize efficiency and minimize downtime. This plan is reviewed and tested on a regular basis by our IT staff. Business Continuity Plan in the event of a disaster, including but not limited to critical third party framework for recovery, notification/escalation process, call lists, restoration plans to ensure business as usual activities are resumed after an event, replacement facilities, off-site backup server.
Record/content retention policy which includes secure destruction guidelines.
Developed an exclusive, customized database for document tracking and Incident Management procedures.
Data loss prevention systems, preventing employee access to social media sites (i.e. Facebook), and personal email (i.e. Gmail). Information Security Policy for social media that prohibits access to all social spaces (Gmail, hotmail, Facebook, Twitter, Tumblr, etc.)
Employee recruitment including background checks.
Confidentiality and Non-disclosure agreement for employees.
Maintenance of malpractice insurance (E and O policy) and Fidelity Bond Coverage.