Estateguru P2P lending Blog
  • Investing
  • Borrowing
  • Portfolio overviews
  • Case studies
  • Press
  • Company news
  • Office life
  • To estateguru.co
No Result
View All Result
  • lv Latviešu
  • lt Lietuvių
  • fi Suomi
  • et Eesti
  • en English
  • de Deutsch
Create account
Estateguru P2P lending Blog
  • Investing
  • Borrowing
  • Portfolio overviews
  • Case studies
  • Press
  • Company news
  • Office life
Estateguru P2P lending Blog
Home Company news

How EstateGuru protects your data

22-02-2021
in Company news, How to use Estateguru
Reading Time: 3 mins read
0 0
How EstateGuru protects your data

In the wake of the latest data breach, where carshare app CityBee has seen 110 000 user account details leaked, we thought it was a good time to remind our users how we protect your data.

At EstateGuru, we take a holistic approach to data protection, meaning that we enforce multiple layers of security.

At the top level, we ensure that all usernames are unique. Your username is also known as your EG Code and does not contain your name or other personal details. In addition, we encourage users to use hard authentication where possible i.e. smart ID, Mobile ID, digital ID etc. 

All our user passwords are encrypted and we also offer the possibility to use two-factor authentication for all critical actions like making investments, withdrawing money etc. While this may slow you down slightly and add a bit of complexity, it is definitely worth it for the peace of mind.

You will also have noticed that we notify you about every single account action. This may seem ‘spammy’ to some people, but is a great first-line defence. After all, you will be the first to spot something that you didn’t initiate.

Our team monitors all accounts constantly for user anomalies like abnormal withdrawals or unusual investment patterns and we act promptly when we notice anything suspicious.

Our policies around user and account verification are strict and rigorous and we refuse to take any shortcuts. While we do receive complaints about it being inconvenient, we feel that we would rather protect our users and their funds than take any shortcuts.

All user data like identity documents, bank account details etc are stored separately from the actual account, meaning users do not have access to these documents and information. 

Internally, we have a strict access policy to our cloud servers and our back-office user access is extremely limited.

To sum up, we have a five-step security system:

  1. Onboarding – sign-up and verification
  2. Using your account – constant notifications when you invest, withdraw, deposit
  3. Authentification and confirmation of actions
  4. Technical security measures to protect data
  5. EG operational security (who has access to data and how do they have it, and what client information do they have access to) & procedures (to avoid leaks)

Differences between EstateGuru and CityBee

In the wake of the CityBee leak, many investors contacted us voicing their concern about something similar happening to the EstateGuru data.

First-off, comparing our security measures to those employed by CityBee is like comparing apples and oranges, but we will endeavour to do so nonetheless.

Bear with us though, as this may get a bit technical. 

The CityBee leak happened because the customer database was stored on an unsecured Microsoft Azure blob. The hacker then used a Rapid7 Open Data Forward DNS tool to search the reverse DNS lookup then a directory brute-force attack was used to enumerate directories in the blob, after which the hacker downloaded the files. The major concern is also that the hack apparently occurred in 2018, and CityBee remained unaware until February 2021, when the information was put up for sale.

Our data is not stored in the same way. EstateGuru’s IT assets are stored on completely different services which do not have the same technical vulnerabilities, and we closely follow service providers’ proposed security mechanisms.

The main issue difference is one of data management. Hackers very rarely use technical weaknesses. They target doors left open by bad data management.

The CityBee passwords were protected by an outdated and weak SHA1 algorithm. 

Our security systems are constantly reviewed and updated, ensuring that we employ only the most up-to-date measures. As an example, our password hashing system is several points of magnitude more secure than that employed by CityBee.

In the end, it all comes down to human effort though. The most vital part of data security is constant monitoring, which CityBee seems to have not done, and we most certainly do. Early warning systems are in place to catch any potential attack and block it at the source.

We will continue to protect your data and provide you with a secure investing environment.

Related Posts

An interview with Daniil Aal, Estateguru’s Head of Business Lending

Estateguru’s Summer Days

How we maximize value creation for investors from late loan situations

ShareShareSendSendTweet
Previous Post

Wallstreetbets created a new investment phenomenon while reinforcing an old truth

Next Post

The Estateguru Ambassador program

Recommended for you

Portfolio overviews

Loan portfolio overview (December of 2022 and full overview of 2022)

27-01-2023
Mihkel-Stamm, COO (Chief Operating Officer)
Investing

Estateguru’s Annual Review for 2022 and outlook for 2023

17-01-2023
Refinancing, City scape
Borrowing

What is refinancing and why does Estateguru refinance loans?

06-01-2023
Man writing loan portfolio November
Portfolio overviews

Loan Portfolio Overview (November of 2022)

28-12-2022
Baltic Real Estate Market Overview
Investing

Watch: Baltic Real Estate Market Overview

14-12-2022
Sebastian, Investor Stories
Investing

Investor Stories: Sebastian

12-12-2022

How to use Estateguru

construction

So you have your first defaulted loan? Here’s what you should know

13-10-2022

A Guide To Setting Up The Auto Invest Custom Strategy

28-03-2022
5 Reasons To Use Estateguru’s Auto Invest

5 Reasons To Use Estateguru’s Auto Invest

11-01-2022
Auto Invest – Investment Strategies User Guide

Auto Invest – Investment Strategies User Guide

05-01-2022
refer a friend

Our New and Improved Referral Program!

24-11-2021
Load More

Sign up for our newsletter

Popular Posts

  • construction

    So you have your first defaulted loan? Here’s what you should know

    47 shares
    Share 19 Tweet 12
  • So you have your first late loan. Here’s what you need to know.

    35 shares
    Share 14 Tweet 9
  • How we maximize value creation for investors from late loan situations

    23 shares
    Share 9 Tweet 6
  • Estateguru’s Annual Review for 2022 and outlook for 2023

    19 shares
    Share 8 Tweet 5
  • How does Estateguru’s Debt Management Work?

    15 shares
    Share 6 Tweet 4
Estateguru P2P lending Blog

Estateguru is the leading Pan-European marketplace facilitating property-backed loans for SMEs and carefully selected investment opportunities for our global investor base.

Estateguru OÜ Tartu mnt 10/Pääsukese 2, Tallinn
Tel: +372 6412 777
Email: info@estateguru.co

Other Links

  • Start Investing
  • About Estateguru
  • FAQs
  • Cookies & Privacy Policy
  • Contact & Support
Trustpilot

© 2022 Estateguru - The leading European marketplace for short-term, property-backed loans.

No Result
View All Result
  • Investing
  • Borrowing
  • Portfolio overviews
  • Case studies
  • Press
  • Company news
  • Office life
  • To Estateguru.co
  • Create Account
  • lv Latviešu
  • lt Lietuvių
  • fi Suomi
  • et Eesti
  • en English
  • de Deutsch

© 2022 Estateguru - The leading European marketplace for short-term, property-backed loans.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.