Cybersecurity awareness is relevant to everyone in business today, but it is of particular concern within the multifamily industry. In this blog, we’ll discuss 4 important facts surrounding cybersecurity awareness, including how you can become a “human firewall” for your communities and stay one step ahead of potential security breaches.
- What does “Cybersecurity Awareness” mean?
Cybersecurity awareness is a deeper understanding of the types of threats your business may encounter and knowledge of some effective tools and practices to help protect your business. If you can promote cybersecurity awareness among your staff, you’ll be much less likely to experience the devastation a breach can cause.
- Why is cybersecurity awareness important?
There are several reasons why cybersecurity awareness is vital for the health of your business. Among those are:
- Ever-increasing number and sophistication of threats – Those working to breach your systems constantly improve and fine-tune their processes, and there are more and more breach incidents each year.
- Protection of yourself and your assets – Your communities have a large database of vital information that should only be accessible by authorized people.
- Cost of incident downtime and recovery – When a security breach occurs, it costs a considerable cost to stop it, recover the systems, and get everything back on track.
- Company public image – A security breach can negatively impact your public image and cause prospects to hesitate to do business with you.
- The final layer of defense – If your technological systems fail, your staff will act as the final line of defense against would-be hackers.
- What are some of the common pitfalls to effective cybersecurity?
Systems hacking has become a multi-billion-dollar business, and it can come in several different forms. The most common types of security issues you will likely encounter include:
Malware – Malware is software intended to harm your computer and systems. Some examples of malware are:
Additional threats in this category are:
- Identity theft
- Credit card fraud
- WiFi eavesdropping
- Email hoax
- Social engineering
- Human factor
Scareware – Scareware attacks usually involve a hoax that looks like a legitimate company warning you of trouble. Some examples:
- A message that tricks you into calling “Microsoft” and paying money to fix a fake issue
- A request for remote access to your computer to “fix” the issue
- Web pages that look similar to real pages (like Office365 or Facebook) and want your login information
Social Engineering – Social engineering uses social techniques to obtain information or money via email or phone illicitly.
Phishing – Property management companies are definitely a target of phishing!
- Many times, hackers learn the organizational structure of your company from your website
- Hackers study your vendors and processes
- Hackers use stolen information from the dark web to create realistic signatures/emails
Some of the ways you may encounter phishing include:
- Fake emails from executives, regionals, to property staff requesting “favors” (always check the email address!)
- Fake emails from your IT department stating your credentials are expired
- Fake invoices from vendors with suspicious attachments
- Fake documents being sent from property scanner
- Fake voicemail attachments
- Extortion emails (rare, but very effective)
- How can you avoid becoming a victim and instead become a “Human Firewall”?
Before we discuss becoming a “human firewall,” let’s review what the term “firewall” means. A firewall is a network security device that monitors traffic to or from your network. It allows or blocks traffic based on a defined set of security rules. Being a “human firewall” means that you act in a similar capacity – reviewing information that you encounter (emails, websites, etc.) and determining whether or not it is legitimate.
To become a “human firewall” you need:
- A stop-and-think mindset…and common sense
- To use Google search (AKA Google-Fu)
- Basic understanding of how the attacks take place
Finally, we’ll discuss some tips for how to actually circumvent or eliminate some of the attacks you may encounter.
- Scareware Prevention and Elimination
- It can happen even if you have good security software installed – it can originate from streaming podcast sites or web advertisements
- Don’t click anything if you are not familiar with the sender (check that email address!)
- Ctrl-Alt-Delete is your friend – Kill the task.
- If that isn’t possible, hold down the power button on the computer to power cycle your computer
- If scareware is still present after reboot, call your IT support team
- Physical Threats
- Shoulder surfing – lookout for who may be looking at your monitor
- External drives – avoid free thumb drives
- Desktop security – lock your screen when you’re away from your desk
- Always ask vendors for credentials and verify the purpose of their visit, especially if they are working on telecom, door access control, or other amenities with technology
Much of the time, if you can spend a few extra seconds taking a closer look, you can find the “tells” to show the solicitation you’ve received is not legitimate and act as a powerful “human firewall.”
Edge2Learn is an eLearning company whose focus is the Property Management Industry and specializes in property management training and multifamily education. With almost 40 years of experience and a commitment to increase industry excellence, we are passionate about engaging learners to maximize benefits for both companies and employees. Aligned with a well-respected industry leader, Ellis, Partners in Management Solutions, the Edge2Learn platform provides a turnkey solution for clearly identified needs and opportunities. We prepare learners to deliver a superior customer experience and also reduce corporate liability risks and overall employee turnover.