Contact | Support | Login | Content Library Search
Home > About RSA > News & Events

Press Releases

Wednesday, May 17, 2006
Real Estate Industry Survey Identifies Trends in MLS, Association and Transaction Data Security

Washington, DC— Today at the 2006 REALTORS® Midyear Legislative Meeting & Trade Expo, RSA Security (Nasdaq: RSAS) released the results of a study which surveyed the real estate industry on issues related to MLS, association and transaction data security. The results highlight how various segments of the real estate industry hold starkly different opinions regarding the industry's focus on information security, and the steps so far taken to improve real estate data security. The research also shows differences of opinion regarding who should ultimately be responsible for the security of vital real estate data. Complete research results will be available in RSA Security's booth (#1522) at the 2006 REALTORS® Midyear Legislative Meeting & Trade Expo.

Securing MLS Listing Data

Overall, the survey results indicate that respondents believe few MLSs enforce password policies that strongly protect MLS databases from unauthorized access. For example, 59 percent of respondents said their MLS does not require password changes. More than half of those surveyed say their MLS does not require strong passwords (e.g., passwords combining letters, numbers and symbols, or passwords more than 15 characters long). At the same time, the majority of respondents say potentially sensitive data are often stored in the MLS database - 98 percent reported property addresses, 88 percent cited showing instructions, and 69 percent said the seller's name. In addition, about 20 percent said times when homes are unoccupied may be found in the system. The survey also addressed unauthorized MLS password sharing and access to listing data:

  • Sharing login information with non-members: 34 percent of all respondents know of MLS members who have shared login information with non-members; 54 percent of MLS executive, staff and board members are aware of such sharing.
  • Sharing login information with clients: 37 percent of MLS respondents know of instances where MLS members have shared login information with clients, so that clients may search listings on their own; only 17 percent of agents know of such sharing.
  • Unauthorized selling of MLS listing data: 20 percent of those surveyed know of instances where MLS listing data were sold or provided to a third party (e.g., moving company) without authorization. The greatest awareness was among MLS respondents (45 percent); lowest awareness was evident among real estate agents and brokers (12 and 17 percent, respectively).

The survey also showed contrasting perspectives regarding steps taken by MLSs to secure listing data. While about 60 percent of association and MLS respondents believe steps have been less than adequate, only about a third of agents and brokers believe that to be the case - the remainder believe efforts to-date have been more than adequate.

Securing Association Member Data

Overall, respondents tend to believe that associations view protecting member data as extremely or moderately important - 86 percent responded in this manner. Meanwhile, 66 percent say steps taken by associations to protect member data have been more than adequate. The survey also highlights private member data which are often stored in association databases:

  • 41 percent said their association stores personal member information, such as social security numbers and dates of birth
  • Nearly 37 percent said their association stores member payment information (e.g., credit/debit card data)
  • The vast majority (84 percent) said their association stores members' professional information (e.g., National REALTOR® identification numbers, professional certifications or state license numbers)
Securing Transaction Data

While a majority of brokers and agents believe steps to protect transaction data have been adequate, respondents from MLSs and associations hold very different perceptions. Specifically, while 75 percent of agents and 83 percent of brokers believe steps have been more than adequate, only 41 percent of association and 37 percent of MLS respondents agree with that position.

In terms of the entity which should be ultimately responsible for ensuring the security of real estate transaction information, 45 percent of respondents believe this is the role of real estate brokers. Twenty-six percent named the local MLS, while 16 percent believe the local association should be responsible.

Responsibility for Protecting Real Estate Industry Data

There were clear differences in terms of who various members of the real estate industry believe is best-positioned to address information security. While 57 percent of association respondents believe associations are best positioned, 79 percent of MLS respondents believe MLSs are better-suited to address these issues. Real estate agents and brokers were less decisive - about 40 percent felt associations were best-positioned, while one-quarter favor brokers; about one-third named the MLS.

Survey Description and Methodology

RSA Security's real estate industry survey was conducted online between May 5 and May 9, 2006. Five hundred forty-six respondents participated - 16 percent self-identified as an association executive, staff or board member; seven percent reported being a MLS executive, staff or board member; 54 percent were real estate agents; and 20 percent were real estate brokers. A minimal number of participants identified themselves as a "lender," "title company" or "other."

***Note to media: A report with additional survey results may be obtained by emailing dhowell@rsasecurity.com

About RSA Security Inc.

RSA Security Inc. is the expert in protecting online identities and digital assets. The inventor of core security technologies for the Internet, the Company leads the way in strong authentication and encryption, bringing trust to millions of user identities and the transactions that they perform. RSA Security's portfolio of award-winning identity & access management solutions helps businesses to establish who's who online - and what they can do.

With a strong reputation built on a 20-year history of ingenuity, leadership and proven technologies, we serve approximately 20,000 customers around the globe and interoperate with more than 1,000 technology and integration partners. For more information, please visit www.rsasecurity.com.

RSA Security and RSA are either registered trademarks or trademarks of RSA Security Inc. in the United States and/or other countries. All other products and services mentioned are trademarks of their respective companies.
Top of Page Email to a Friend Print
© 2010 RSA Security. All rights reserved | Privacy | Legal | Site Map

RSA, The Security Division of EMC, provides Secure Data, Compliance, SIM, SEM, SIEM, PCI, Consumer Identity, Two-Factor Authentication, Custom Applications, Consulting, Assessment, and other security solutions and services to over 90% of the Fortune 500.
 
Access Control |  Authentication and Identity Assurance |  Credential Management |  Data Loss Prevention |  Data Encryption and Key Management |  Fraud Prevention |  Security Information and Event Management |  Log Management |  IT Compliance |  ISO 27002 Compliance |  Information Risk Management for Financial Services |  Payment Card Industry Data Security Standard | 
 
RSA Access Manager
RSA BSAFE
RSA eFraudNetwork
 RSA Data Loss Prevention
RSA Consumer Solutions
RSA FraudAction
 RSA Digital Certificate Solutions
RSA Encryption/Key Management
RSA Enterprise Data Security
 RSA enVision
RSA SecurID
RSA Smart Cards

 RSA Federated Identity Manager
RSA Adaptive Authentication