The MIRACLE DocPrep System's easy
accessibility does not compromise extranet or client support security.
All of our clients' critical data is encrypted at the highest possible
level. Additionally, MRG extranet and portal applications use numerous
other "best practice" security strategies, such as designing user
profiles to grant individuals accessing MIRACLE DocPrep Systems only
the specific system functions and compartments of client data they need
in order to perform their job function. This and other security
measures integrated into our applications combine to lockdown and
protect the confidentiality of client data.
MIRACLE Security For Incoming Data
any system with good security, it is necessary to protect the data both
while it is stored - "at rest" - and while it is being sent outside the
organization - "in motion".
Data at Rest
data, such as borrower information, is stored in the MIRACLE loan
database in an encrypted form. This ensures that this data cannot be
read if an attempt is made to access it from outside of the MIRACLE
software. Security is also provided at the network and physical layers.
The database physically resides in a secured facility serving as MRG's
Data Center. This facility restricts access to only a limited number of
authorized staff. At the network level, firewalls are in place to
prevent remote access to the data by any unauthorized individual or
Data in Motion
data transmitted over the Internet while using MIRACLE ONLINE is
encrypted using industry standard 128-bit SSL encryption inside your
web browser. This is the same technology used by online banks and
financial institutions to protect sensitive data in transit. You can
verify that SSL encryption is in use by the presence of a "key" or
"lock" icon displayed near the bottom of your web browser, and by the
use of the "https:" Internet address.
MIRACLE Security For Outgoing Documents
Document Technologies recognizes the importance of keeping data secure
during the delivery of document packages. As a result, MRG provides
options for secure delivery of documents directly to the lender or to
the closing agent's office.
HTTPS Web Pickup
a lender requests a document package to be delivered using HTTPS Web
Pickup, MIRACLE will generate a 16 character passkey comprised of data
from three sources of information. The system will use part of the
lender's customer id, part of the borrower's last name, and a
pseudo-random number to generate the passkey. The recipient can visit MRG's website
and gain access to the package using this passkey. Download of the
package is protected with SSL encryption, the same technology banks and
e-commerce websites use to protect their customer's data.
MRG Document Shield Secure Email
latest offering for secure delivery is MRG Document Shield. This
technology combines email notification with a password-protected
website. The documents are accessed by logging into this website at https://secureftp.mrgdocs.com.
When a lender requests documents to be delivered via MRG Document
Shield, they must provide a recipient email address. The documents are
prepared and made available for download on a secure server. When these
documents are made available, MRG Document Shield checks to see if the
recipient email is for an already registered user. If not, MRG Document
Shield will create a new user account and generate a strong, random,
and temporary password. MRG Document Shield will then send a welcome
email notification to this recipient with the temporary password. As a
security precaution, the user will be required to change this password
the first time they log in. If the user is already a registered user of
the system, the user simply receives a notice that the package is
ready. In either case, the email contains a URL to a secure website
hosted by MRG. The recipient of the package must go to the website and
login with the proper username and password. Upon a successful login,
the user will be presented with the document package for viewing or
downloading. The downloadable package is protected using SSL encryption.
More technical information about MRG Document Shield is available by clicking here.
MIRACLE Internal Security
MRG's internal systems operate on a private network protected from the Internet by multiple firewalls.
data is restricted to authorized document production personnel only.
Access to highly sensitive data, such as bank account and credit card
numbers contained on a loan application, is further restricted to only
document preparation system processes and system administrators.
Physical access to critical equipment is restricted to IT support
personnel where possible. Equipment located at MRG's offsite SAS70
Integrated Data Center is accessible only to MRG's IT personnel.