e-mail security for real estate agents

Security is something we all think of regularly when it comes to technology. We use security software on personal computers, tablets, and smartphones. In the real estate world, every REALTOR and real estate broker use technology every day.  The use of some security measures is a good thing and a necessity in this time. REALTORS generally transmit personal information, mortgage information and other sensitive data over their “free” e-mail account. Real estate agents have their clients sign a document explaining “agency”.  In that document, they guarantee a certain level of privacy.  Using what may technology vendors look at as “obviously not secure”, using a FREE E-mail system may not be enough to avoid being responsible.

Is The Broker or the Agent At Fault?

The unfortunate answer to that is BOTH.  Both the real estate broker and the individual REALTOR are both responsible for data breaches that affect their customers and clients.  Many real estate brokers provide their agents with broker branded e-mail accounts.  Needless to say, if the broker is providing the e-mail then they are directly responsible.  Even if the broker does not provide the e-mail, in most states they have ultimate culpability for the agents on their roster.  At the agent level, if you have subscribed to a free e-mail service, especially one known for security vulnerabilities (such as AOL) then you are responsible too.  Remember, in most states, the real estate agent is the person who has the agency relationship with the client.  This is a problem when you have active homes for sale.

Large Breaches In Security

email security Back in 2014, Yahoo, EBay, Home Depot, and AOL were breached by hackers who stole the data of more than 500 Million user accounts. This information included things such as usernames, passwords, email addresses, phone numbers, as well as other sensitive information.  For any real estate agent using one of these systems, the confidential aspect of their real estate transaction could be at risk.  The mentioned breaches are only a small number of successful attacks which took place in 2014. Many of the email providers that people use for personal email simply do not deploy or maintain the same security measures one may find with a dedicated exchange server.

Companies like Yahoo and AOL were great for providing a free personal email account in the early days of the internet. However, they should not be used to transmit sensitive sensitive data of any kind. Using AOL is a bad idea in itself. The company has been a target for hackers for many years because of a lack of security. At the same time, Yahoo is not much better. It too has been a target favored by hackers for many years. Companies this large have attempted breaches of security almost daily if not more often. The public only hears about the large breaches that are made public.

For an interesting view of recent breaches over the years, take a look at the chart here: Worlds Biggest Breaches. The page is a great visual representation of some of the biggest breaches in the last decade.

words biggest security breaches
When it comes to security of data, the user’s computer or device is not the end of the line. To protect data regardless of being personal, business related, or otherwise, the user must think much farther down the line and be proactive against possible breaches of security. Far too many people are using insecure methods of exchanging data. Lawyers, doctors, real estate agents, corporate CEOs, and many others are using personal email accounts to transfer data with clients or other organizations, often never realizing that the risk is not at the computer sending the email. Nor is it the issue with the computer receiving the email. The real issue is with the service being used to send or receive the email or other message.  With real estate agents transferring critical, personal information over their e-mail, REALTORS may have some level of culpability if a security breach is found. Simply using a service that has had a data breach puts real estate agents at risk.

Website Vulnerability

If you do business through your real estate website, anything that passes through there, such as your clients:

  • Names
  • Email Address
  • Home Address
  • Phone Number
  • Other Potentially Private Information

If you own your domain – and pass client information of any sort, you are responsible for that data.



security hackUsing a service that has had a data breach is a serious risk. Any messages that are transmitted can be seen and manipulated by a third party aka the hacker. The stolen data is often sold on the black market and then used for many things like identity theft. The information pertained in one account is often similar to, if not the same as, the information used in other accounts for the same person. Once a hacker or organization has enough information it can be used to check for accounts and other information on many different websites. This means that the email used to create a Facebook account is often the same as the one used to create an Instagram account. The chances that both accounts use the same password are fairly high. All the security questions that are answered are also common among many websites making that information just as valuable as the email and password.

Secure e-Mail Options for Real Estate Agents

There are many better options in email services for both business and personal use. Companies like Microsoft and Google offer free email services for personal use as well as dedicated email domains for business use. Both are much more secure than using an outdated service like AOL. When transmitting sensitive data related to business, an employee should never use a personal account for any communication. All employees should use the company provided email account for security. As for personal email accounts, there are many free secure options available. Microsoft offers a free outlook.com account to anyone signing up for a Microsoft account. Google has always been free to sign up for an account that includes much more than just email. A Google account gives the user access to many different services and tools from Google. There are many more free email services for personal use available on the internet.

Digital Security

Security is a big factor in the world when it comes to digital information. The use of old outdated systems like AOL can lead to potential data breaches by outside sources. Moving email and messaging services away from old systems is a simple step to keeping all data and communications secure. The next step is to keep personal messages separate from business. Never use a personal account for company related communication and vice versa. Finally, using simple passwords is a disaster waiting to happen. Creating secure passwords and changing them often is the best way to keep all communications secure. The password that is used with one account should not be used with other accounts. All these steps mentioned will help to ensure all communications, personal and business related, stay secure and out of the hands of hackers and other malicious persons.