Security of Your Information

A hacker in a room of computers

There is an old saying, “a chain is only as strong as its weakest link.”  No matter how strong the other links are, it will be the weak one that breaks and causes failure.

This same concept applies to keeping your personal information safe.

Zoom Mortgage Pros, Inc. (ZMPI) exceeds the regulatory requirements to ensure your data stays safe.

It is common knowledge that mortgage brokers work with highly sensitive financial information and are often the targets of malcontents trying to steal it.

To keep your information secure, we have incorporated some of the same systems and software (backbone, storage, encryption, etc.) that companies like PricewaterhouseCoopers,, and HP use.

We have specific and different protocols that are employed depending on the type of information and the method it is sent.

  • Portal Upload & Storage are transmitted via SSL and stored on SSAE16 SOC 2 Type II certified data centers.
  • Emails we send are encrypted using Transport Layer Security (TSL), the industry standard for safety.  A great article that explains this in detail is TLS Basics.

While we are confident of our data security, as again it meets or exceeds regulations, it is still possible to have a related breach, and when that occurs, it will be the weak link of the chain.

Should a breach occur it is often the end user (in our case usually the Borrowers) lack of security that will cause a leak of information.

We take guarding your data seriously, and you should as well.

Here are 7 things you can do to keep your data safer.

  1. Use Complicated Passwords

Yes, it’s a necessary pain in the butt.  But the strategy below makes it simple, keeps every site with their own password (see #2), and makes your passwords easy to remember.

Take the chorus of your favorite song (let’s Amazing Grace (chorus is Amazing Grace How Sweet The Sound)

Year of Birth (say 1972)

The website you’re using the password for (Say Gmail).

Now combine them:

  • Use the first letter of each of the chorus words in Capitals (AGHSTS)
  • Use the first 2 digits of your birth year (19)
  • Use the last two of your birth year WITH THE SHIFT KEY) in this case shift 7 is & and shift 2 is @ so (&@)
  • Use the first 3 letters of your site name in reverse (gma) and combine them

This would give us the password of AGHSTS19&@gma

If the site was the password would be AGHSTS19&@ama

It would take nearly 1 trillion years to brute force crack these passwords. (Thank you to for the calculations)

  • Do not use the same password at more than one site.   

By using a formula that includes the name of the site each of your passwords will be unique.

Hackers know people will often use the same password on multiple sites, and they rely on that to exploit you when the figure out one password, they will try your main email address and the password they have discovered to gain access.

  • Install System Updates

Simple as it sounds, but do it on your computers, your routers, your mobile devices.  Many times, the reason for an update is that a vulnerability has been discovered and the software provider has corrected the weakness.

  • Use a VPN

A VPN is a low-cost way of keeping your information secure (usually $25 a year or less).  In super simple terms it creates an insulated line of direct communication between 2 points (i.e. your laptop and the internet).   It makes your computer invisible to the rest of the internet while your using the internet.

  • Don’t Use Public Free Networks Or Public Computers.

Free WI-FI are considered open networks. Most people are just happy for the service, but sometimes those connections are not as secure as they may seem.

Two of the favorite hacker tools used in open networks are capturing the information your computer is sending over and unprotected network (sniffing) or steering you to a fishing site where they drop a payload of malware or capture your login credentials.

FREE WI-FI is just not worth the risk (with a VPN it is much safer).

  • Verify Known Senders

A good habit to get into, is to take a quick second and click on the drop down box to look at the sender information.

The domain should match the sender you expect it to be.


If you get an email that appears to be from McAfee. Click on the drop down arrow (where the Red Arrow is pointing)

If you expect this to be from McAfee (as indicated by the green arrow) it should have in the sending domain information (gray arrows).

Additionally… should be on the right of the @ symbol AND in the most right position.

CorrectIncorrect & Dangerous  

Remember it is the last two text combonations separated by the right most period that make up the domain (where the information is going to).

While at first glance has the words we expect, this email is going to someone at which has nothing to do with McAfee.

By doing a quick drop down on the email addressing information, you can weed out phishing attempts and keep your information more secure.

Personal Note:

I deal with someone with an extremely unique name at an escrow company.  While in the middle of a transaction I received and email that just didn’t look right with the subject line, Here’s the payoff you requested.

My spam filters (and we have world class spam filters) did not tag this as a phishing attempt.

It looked right, but I already had the payoff.

It wasn’t until I reviewed the addressing information that I saw it said when it should have said

Checking the addressing information minimizes mistakes and protects our clients.

  1. Destroy Old Computers and/or Hard Drives

Have you ever wondered why it takes so long to save files on your computer but it only takes a split second to erase a file? 

The reason is when you delete a file (even from your recycle bin so you cant recover it), the data still exists.  Deleting the file simply removes the file information from the file system.

Think of it like this.

The data file system is like the old Library Card Catalogs.  (for those of you who are too young watch this video start at 45 seconds… a library card catalog was a file of 3×5 cards that had the name of a book on them.  They were in alphabetical order, so if you knew the name of the book, you could look it up on the card catalog and it would give you the Dewey decimal number of book then you could go find the book).

When you erase a file, all your doing is removing the card from the card catalog.  The book still exists.  It will continue to exist until the storage device decides it needs that space to write something.

Even then, it may just write a small bit leaving the rest of the file intact (so you have a slightly less perfect file).

If you want to donate or sell your computer find a program that can do a DoD Wipe and use it.  Do a search for D0D 5220.22M on google and choose one of the programs that is compliant.

We do everything we can to keep your data safe, but our efforts are futile if YOU, “the user” do not do your part.

These tips when followed will increase your data security and make all links of the chain equally strong.

Follow Us For Updates


Submit a Comment

Your email address will not be published. Required fields are marked *

What Can Zoom Mortgage Pros Do For You?

We find the best real estate loan program for your purchase or refinance and handle all everything from our initial conversation through closing and funding.

Related Posts

Sponsoring Mother’s Day Bingo

Sponsoring Mother’s Day Bingo

Zoom Mortgage Pros, Inc (ZMPI) was proud to sponsor Mother’s Day Bingo to help support The Inland Gateway of Realtors (and California Association of Realtors) Housing Affordability Fund – a nonprofit 501(c)(3) dedicated to addressing California’s growing housing...

Data Security Soc2 Compliance

All information and documents uploaded, downloaded, or transmitted through the Our Portal Service are processed using secure encryption. All communications, including website and API access, are transmitted over SSL (HTTPS). Our data center is guarded 24/7/365 by...

Lunch and Learn Program

Lunch and Learn Program

Our goal is simply to educate seniors about the potential benefits of a reverse mortgage, dispel misconceptions many have, and provide access to experts should they have future questions.