Every year Clareity gets calls when industry organizations have been hacked. A hacking incident can damage reputations, impede an organization’s ability to conduct business, and cause financial harm. Such incidents could often have been prevented had the business managers taken reasonable steps to protect the organization.
Clareity is the most experienced real estate security auditing firm, and provides security audits for many top MLSs, Associations, brokerages, and technology companies. The audit covers information security policies and procedures, human resources practices, physical security, networking, device configurations, OS and platform configurations/updates, software security, and more. The audit includes use of automated testing tools, manual testing, and proprietary Clareity checklists. Clareity will educate staff on use of each security tool and checklist, in as much depth as makes sense for your staff; using these tools, checklists, and methods will help your organization maintain security over time. If needed, Clareity will also evaluate SaaS contracts; Clareity will non-intrusively test and provide guidelines for evaluating the security posture of any third party software services that may be in use.
Clareity helps organizations evaluate risk in a wide variety of areas including:
Clareity also helps organizations evaluate their Business Resumption Plan or draft a new one. This service is often performed in conjunction with an Information Security Audit, since there is some overlap in the assessment scope.
MLSs must establish consistent auditing criteria and processes to avoid speculation or lawsuits regarding discrimination against broker and technology providers. Clareity’s IDX and VOW Compliance Review services help ensure that these highly technical audits are thorough and that standardized criteria are consistently applied. Clareity can provide complete auditing services or work with MLS staff to collaborate on audits.
Even if the MLS staff currently performs IDX and VOW compliance reviews, when a violation is suspected or confirmed, it can be valuable to have a third party like Clareity confirm the violation and provide an independent compliance report to avoid friction between the MLS and members or technology providers.
"Information security is a never ending, core responsibility for associations and MLSs and one that HAR takes seriously. HAR recently completed our fourth security audit with Clareity and once again we have identified new ways to improve. The ongoing threat of cyber attacks is real but the need for heightened security is about more than technology: Clareity helps us evaluate our internal policies and procedures, physical security, employee/personnel practices, and much more. Clareity helps us keep an eye on what our vendors are doing to meet our security requirements and also helps us protect our members by presenting security best practices in a way that is easy to understand and implement."
“Clareity did a great job for us with the security audit. I can’t imagine any other firm providing an audit anywhere near as valuable and thorough as the services we received. [We] will be a much better operated company as a result of Clareity’s evaluation and advice.”
“Clareity thoroughly reviewed CMLS operations and provided a detailed, prioritized list of the security risks facing our organization. They provided us with the information and tools we needed to make our systems more secure and to maintain better security over time. The follow-up has been great, too.”
“The audit is very comprehensive. The information covered is exactly what we are looking for. Matt’s knowledge of the material is truly impressive and his ability to convey the information has made it easier for myself and my staff to understand.”