Ridge Home Loans

1.0 Device Security

This section ensures that you are taking necessary precautions with regards to the computers, cell phones, or other devices that you use to access client data.
1.1 Do all of the devices that you use to access or store client data have at least one active anti-malware program?(Required)
1.2 Do you update anti-malware software as soon as updates are released?(Required)
1.3 Are settings configured to automatically check for updates?(Required)
1.4 Are all the devices you use for work password protected?(Required)
This includes laptops, cell phones, tablets, etc...
1.5 Are your device passwords at least 8 characters in length, including numbers, letters, and symbols?(Required)
1.6 Do you update your password every 90 days, when reminded by email?(Required)
1.7 Do you store your work devices in a secure location away from common areas of your home, office, or elsewhere?(Required)
1.8 Do you use your computer strictly for work purposes and refrain from installing applications and programs not necessary for work?(Required)
1.9 Is access to your work devices (computers and phones) restricted to yourself?(Required)
This includes restricting access to these devices by family, friends, roommates, etc…

2.0 Network Security

Your network facilitates your internet traffic. A secure network is important in protecting client data when connected to the internet.
2.1 Do you use a VPN when working from public networks?(Required)
2.2 When working from home or the office, is the Wifi router configured to have the highest possible encryption standard?(Required)
2.3 Are automatic updates enabled in your home and office router/network firewall settings?(Required)
2.4 Are your home and office Wifi network passwords comprised of a random mix of upper and lower case letters, symbols, and numbers, and at least 12 characters in length?(Required)
2.5 Do you keep this password to yourself and avoid sharing it with others?(Required)
Have you disabled the DMZ and Universal Plug-and-Play from your home router if applicable?(Required)

3.0 Data Security

How you accept, process, and store client data is integral to the privacy of their documents and data.
3.1 Do you speficially instruct clients not to send documents and sensitive data to you through email?(Required)
3.2 Do you use an encrypted, secure platform for clients to submit documents and sensitive data?(Required)
3.3 Do you store client data on a secure, encrypted device, server, or cloud service?(Required)
3.4 Is access to the stored client data and documents restricted to only you and the appropriate company administrator by a password at least 12 characters long, consisting of letters, numbers, and symbols?(Required)
3.5 On a quarterly basis, do you delete client data that is no longer required to be retained?(Required)
3.6 Do you avoid sending documents or information containing clients’ personally identifiable information (“PII”) to third party providers such as title, insurance, appraisal, or other companies through email?(Required)
3.7 Are all backups of client data encrypted and password protected/access restricted?(Required)

4.0 Data Privacy

All LendSafe certified lenders agree to not share or sell client information to third parties for any reason not expressly approved by their clients.
4.1 Do you confirm that you do not share client information, documents, or data with any third parties without your clients’ clear consent?(Required)
4.2 Do you confirm that you do not share your client lists, email addresses, or other contact information with anyone?(Required)

5.0 Account Security

Your online accounts are another way that hackers can access client data. The following questions determine whether your online accounts are following our standards.
5.1 Do you use a different, unique password for each online account(Required)
5.2 Do you avoid using any accounts for both your work and personal life?(Required)
This includes email, Dropbox, Google Drive, etc...
5.3 Do you change your online account passwords at least every 90 days?(Required)
5.4 If you use a password manager, is access to the password manager restricted to only you?(Required)
5.5 Do you enable multi-factor authentication on any online account that allows it(Required)

6.0 Other Regulatory Compliance

This section confirms you follow and understand other regulatory requirements unrelated to data security.
6.1 To the best of your knowledge are you in complete compliance with all relevant state and federal regulations that apply to your business?(Required)
6.2 Do you understand and comply with the rules set forth in Regulation N and Regulation Z regarding advertising?(Required)
This includes social media posts, blog posts, and traditional advertising.

Contact Us

Thank you for contacting LendSafe. You are one step closer to getting certified for being in compliance. Please leave your question below and someone will get back with you as soon as possible.

This field is for validation purposes and should be left unchanged.