Edge2Learn Blog - 4 Important Facts Cybersecurity Awareness

Cybersecurity awareness is relevant to everyone in business today, but it is of particular concern within the multifamily industry. In this blog, we’ll discuss 4 important facts surrounding cybersecurity awareness, including how you can become a “human firewall” for your communities and stay one step ahead of potential security breaches.

What does “Cybersecurity Awareness” mean?
Cybersecurity awareness is a deeper understanding of the types of threats your business may encounter and knowledge of some effective tools and practices to help protect your business. If you can promote cybersecurity awareness among your staff, you’ll be much less likely to experience the devastation a breach can cause.

Why is cybersecurity awareness important?
There are several reasons why cybersecurity awareness is vital for the health of your business. Among those are:

Ever-increasing number and sophistication of threats – Those working to breach your systems constantly improve and fine-tune their processes, and there are more and more breach incidents each year.
Protection of yourself and your assets – Your communities have a large database of vital information that should only be accessible by authorized people.
Cost of incident downtime and recovery – When a security breach occurs, it costs a considerable cost to stop it, recover the systems, and get everything back on track.
Company public image – A security breach can negatively impact your public image and cause prospects to hesitate to do business with you.
The final layer of defense – If your technological systems fail, your staff will act as the final line of defense against would-be hackers.

What are some of the common pitfalls to effective cybersecurity?
Systems hacking has become a multi-billion-dollar business, and it can come in several different forms. The most common types of security issues you will likely encounter include:

Malware – Malware is software intended to harm your computer and systems. Some examples of malware are:

Viruses
Worms
Trojans
Ransomware
Spyware

Additional threats in this category are:

Botnets
Hacking
Pharming
Phishing
Identity theft
Credit card fraud
WiFi eavesdropping
DoS/DDoS
Rootkit
Email hoax
Social engineering
Human factor

Scareware – Scareware attacks usually involve a hoax that looks like a legitimate company warning you of trouble. Some examples:

A message that tricks you into calling “Microsoft” and paying money to fix a fake issue
A request for remote access to your computer to “fix” the issue
Web pages that look similar to real pages (like Office365 or Facebook) and want your login information

Social Engineering – Social engineering uses social techniques to obtain information or money via email or phone illicitly.

Phishing – Property management companies are definitely a target of phishing!

Many times, hackers learn the organizational structure of your company from your website
Hackers study your vendors and processes
Hackers use stolen information from the dark web to create realistic signatures/emails

Some of the ways you may encounter phishing include:

Fake emails from executives, regionals, to property staff requesting “favors” (always check the email address!)
Fake emails from your IT department stating your credentials are expired
Fake invoices from vendors with suspicious attachments
Fake documents being sent from property scanner
Fake voicemail attachments
Extortion emails (rare, but very effective)

How can you avoid becoming a victim and instead become a “Human Firewall”?
Before we discuss becoming a “human firewall,” let’s review what the term “firewall” means. A firewall is a network security device that monitors traffic to or from your network. It allows or blocks traffic based on a defined set of security rules. Being a “human firewall” means that you act in a similar capacity – reviewing information that you encounter (emails, websites, etc.) and determining whether or not it is legitimate.

To become a “human firewall” you need:

A stop-and-think mindset…and common sense
To use Google search (AKA Google-Fu)
Basic understanding of how the attacks take place

Finally, we’ll discuss some tips for how to actually circumvent or eliminate some of the attacks you may encounter.

Scareware Prevention and Elimination
- It can happen even if you have good security software installed – it can originate from streaming podcast sites or web advertisements
- Don’t click anything if you are not familiar with the sender (check that email address!)
- Ctrl-Alt-Delete is your friend – Kill the task.
- If that isn’t possible, hold down the power button on the computer to power cycle your computer
- If scareware is still present after reboot, call your IT support team

Physical Threats
- Shoulder surfing – lookout for who may be looking at your monitor
- Tailgating
- External drives – avoid free thumb drives
- Desktop security – lock your screen when you’re away from your desk
- Always ask vendors for credentials and verify the purpose of their visit, especially if they are working on telecom, door access control, or other amenities with technology

Much of the time, if you can spend a few extra seconds taking a closer look, you can find the “tells” to show the solicitation you’ve received is not legitimate and act as a powerful “human firewall.”

Contributed by:

Travis Street
President and Founder, CTS Multifamily IT Solutions

4 Important Facts Surrounding Cybersecurity Awareness

Read more like this from Edge2Learn

Subscribe