Grace Hill Training Tip of the Week
Cyberattacks — Should You be Worried?
We hear a lot in the news about data being exposed or stolen by cyberattacks in healthcare, banking and retail industries. But we tend to hear less about such attacks in the property management industry, even though they have happened before and will likely happen again. As a result, the risk of cyberattacks in the property management industry may be overlooked and underestimated.
The risk of cyberattack in the property management industry is just as real as in other areas. Unlike for institutions like banks and hospitals, there is no federal law requiring real estate and property management companies to implement cybersecurity programs to protect information and systems. Because of this general lack of oversight and regulation, property management companies’ cybersecurity programs may be relatively less developed and less sophisticated than in other industries, making them a more attractive target for cybercriminals looking for an easy way to steal personal data.
What could property management companies have that cybercriminals want? Isn’t the most desired data credit card numbers and financial information? That turns out not to be the case. As Ryan Byrd, Vice President of Engineering for Entrata said, “There’s this myth that hackers are really interested in credit card numbers because you can buy stuff with them. The most commonly stolen information is not credit card numbers, but personally identifiable information (PII).”
Think of all the data you collect on any given day from a resident or prospective resident and the financial transactions you process—rent payments, deposits, and vendor payments. This is a treasure trove of personally identifiable information and a goldmine for cybercriminals who can use it to commit identity theft and fraud.
With its lack of sophisticated security measures and lots of valuable PII, the property management industry is the perfect target for cybercriminals. If sensitive data falls into the wrong hands, it can lead to fraud and identity theft, which in 2016 was the most common reason for hackers to carry out a cyberattack.
Given the cost of a security breach — losing your customers’ trust and perhaps even defending yourself against a lawsuit—safeguarding personal information is critical. That risk doesn’t just come as a hit to your brand or reputation, either. With the average legal and other associated costs of a data breach at around $150 per record, losing your residents’ data could have a significant impact on your bottom line as well.
As we rely more and more on digital data and interconnectivity, cybersecurity is an issue to think hard about as you plan policies, processes and training for the year.
- It is crucial to have systems in place to prevent, prepare for and withstand cyberattacks.
- Train employees and managers on the risk of data breaches, and what they can do to prevent them.
Just like wearing your seatbelt, or locking your car, good habits are the building blocks of cybersecurity and are the best way to keep your residents’ information safe.