account security

Rentec Direct has always been on the forefront of securing your data and we have exciting news about new protections we’re making available for your account. Rentec Direct was the first, and perhaps still the only, property management software solution to implement Cloudflare’s powerful web application firewall which protects our systems and your data by stopping attackers before they even touch our servers.  Rentec Direct was also the first to offer two-factor authentication to secure your data even in the event your password fell into the wrong hands.  

See, we’re not just security conscious, we’re absolutely fanatical about security around here.  Your data is precious and we’re taking extraordinary measures to protect it every day so you don’t have to worry about somebody illegally accessing it or using your account for nefarious purposes.  (I really enjoy it when I can work the word nefarious into any article.)  

Rentec Direct continues leading the charge for account security by bringing these additional new security features.  You won’t find this level of security anywhere else in the industry, I promise.

  • Automated security notices.  Beginning November 10th, 2019 we’ll begin notifying you if there’s a new unrecognized login to your account.  For example, if you log in to your account every day from the office, and maybe periodically from home too we monitor these logins and consider this normal activity.  But suddenly if there is a new login from a hundred, or ten thousand miles away, we’re going to immediately send you an email letting you know about this new login and where it’s from.  This will give you an instant notification if your account falls into the wrong hands so you can change your password or activate some of these new security features we’re going to talk about next. 
  • Restrict international access.  Most hacking attempts do not originate in the US, they are coming from other international locations (hello Nigeria).  We now identify every login into the system and where it comes from. If you want to restrict International access to your account, it’s now easy to do.  Just head on over to Settings, Login & Password, and turn off “Allow International”. If that’s unchecked we will reject any attempted logins to your account from non-US based locations.  You can set this setting for your employee and manager accounts as well at Settings, Managers & Users. 

What if you or your employees travel and need to log in while abroad?  No problem! Provided you are using the same computer and web browser and have successfully logged in from home, that same computer will be able to log in while you travel.  We store a secret security code on your computer so we know it’s really you and it lets you through the security gates automatically. If you are going to be using a new computer, or (shudder..) public access computers (please don’t!), then you can allow International access temporarily while traveling.  Just remember to turn it back off when you get home to keep your account secure.

  • Restrict VPN access.  Some tricky hackers know how to get around international filters.  Not all of them do, but some savvy hackers will mimic coming from a US-based connection by using a public VPN service.  VPN stands for Virtual Private Network, which allows a computer anywhere in the world to appear as if it’s connecting from somewhere else.  It’s how most hackers (both US hackers and foreign hackers) hide their identity. Criminals don’t want to be identified, so they hide behind these VPN services so when law enforcement goes to find their location they dead-end in some server in Ohio rather than the hacker’s actual location. 

    We now allow you to block VPN access as well.  It’s at the same location as international access at Settings, Login & Password.  Just make sure VPN access is not checked and those pesky criminals won’t be able to hide their identity behind a VPN.

    If you use a legitimate work VPN at your office, don’t worry, we won’t block that.  This service is designed to block public VPNs used by nefarious (there it is again!) individuals only. 
  • New Permission: Restrict Outgoing ACH.  Rentec includes powerful bank integrated tools, like sending and receiving ACH payments.  So what’s to stop a criminal if they obtained access to one of your employee’s accounts from creating their own owner and sending themselves some funds out of your account?  ACH is powerfully easy to send and receive money from owners and tenants, but in the wrong hands, it’s also easy for somebody to steal your hard-earned money if they had access to your employee’s accounts.

    Ideally, your employees follow all basic security practices and use a strong unique password for their Rentec login, have two-factor authentication enabled, and routinely scan their computers for malware, and never login from any untrusted computer.  In that case, no criminal hacker is ever going to get into their account information in the first place. But, what if your employees aren’t following all these best practices?

    We’ve added a new permission for your manager accounts to restrict outgoing ACH payments.  Head on over to the permissions for any user who doesn’t have a need to send ACH funds, find the setting called “Allow access to Owner ACH Payments”, and select “No”.  Only users who have a specific responsibility to send owner distributions should have this option enabled.

So with all this “hacker” talk, is my data really safer in the cloud than it is on my private computer?

In short, if you follow the simplest best practices, the answer is YES.  Despite all the publicity behind big companies getting hacked, it is far more likely that your personal or work computer is going to get a virus or other malware which will expose everything on it to them nasty hackers.  In fact, many online accounts that get compromised are a result of that person’s personal computer having malware on it which provides keyboard keystroke data to the hacker so they can log in to their cloud-based accounts.

Secondarily, personal computers fail all the time.  Most computers have a lifespan of 4-5 years, and I’m willing to bet more than half of the people reading this have a computer older than that they are using.  When a computer fails, the data is often gone, and if there isn’t a sufficiently recent backup, it’s back to square one which can be catastrophic for your business.

If you follow these simple best practices, your cloud-based data is going to be extremely safe, especially if you use Rentec Direct.

  1. Turn on two-factor authentication on any service that offers it.  Rentec Direct has provided it since 2014 and it’s super easy to use.  When two-factor authentication is enabled, even if a hacker gets your username and password, they still can’t access your account without having your phone in their hands.  This thwarts almost all hacking attempts and lets you know if somebody ever learns your password immediately.
  2. Use different, hard to guess passwords for each service.  I know this is annoying remembering multiple passwords, but most web browsers will help and save them all for you so you don’t have to remember them.  The reason you do this is in case one service gets hacked and a hacker gets your password, they can’t use that same password to login to other services.   If you just can’t bring yourself to use multiple passwords, at a very minimum use a unique password for your email account so it’s different from all other online services.  Then a hacker can’t log in to your email and reset all your passwords elsewhere.
  3. Keep operating systems up to date and use virus protection on your personal and work computers. Nobody expects it to happen to them, but in 2019 viruses are still extraordinarily common. There are reports out there that up to 30% of computers worldwide have malware or a virus loaded on them and the owner has no idea. Your best protection is to always install system updates when they are released and keep up to date with a good virus scanner on all of your computers. If you are a Windows user, Microsoft offers a free antivirus program called Windows Defender which has been rated as effective as other paid products. It’s what I use and I’ve found it very effective. If you are using a Mac, they don’t offer anything directly, but here’s a list of options from MacWorld that you can install to help protect yourself.

It’s also important to be able to trust your cloud-based provider because if they make a mistake, they can put your data at risk. Here at Rentec, we’re always releasing new features and improving the software, but we’re doing that with security at the forefront of our minds.  We’ve continually been at the leading edge of security in the industry and with these new features we’re implementing today we are staying light years ahead of other solutions for landlords and property managers. Be assured, we’re taking good care of your data.