In part one
of this two-part series, we discussed the importance of cyber security to your condo association and the steps that residents can take to protect themselves and their association. In this article, we look at your board’s responsibility in preventing cyber attacks.
Many technology solutions are available today to conduct the day-to-day business of running a condominium association. Specialized property management software, for instance, can simplify transactions and improve communication among board members and with residents. Wireless access to cardkey data and security cameras can allow you to keep an eye on activities around your property and manage systems remotely.
“The ability to communicate, pay association fees and access information online makes it much easier for condo boards and residents to accomplish many necessary tasks,” says Chris Cady, strategic architect at FirstService Residential. With all this sensitive information floating around, security should be a top priority for association boards, but oftentimes it isn’t. In fact, few associations have a formal process for handling cyber security.
However, what you may not realize is that your condo association is subject to the Alberta Personal Information Protection Act (PIPA). In part, this means that you are required to have a policy in place for protecting residents’ personal information. You must also name someone to be responsible for ensuring PIPA compliance. In addition, if your association experiences any privacy breaches, you are required to notify the Alberta Office of the Information and Privacy Commissioner.
As a board member, you may be thinking, “We’re all volunteers. What do we know about security?” If no one in your condo community is knowledgeable in this area, hiring a cyber security professional would be a valuable investment. This professional can review your existing protection, recommend ways to improve it and perform any upgrades you can’t do yourself. A good condo management company can help, either by providing an in-house expert or by referring you to a reputable cyber security specialist.
Meanwhile, your board should implement the four steps below to begin putting your association on a more secure path.
1. Establish a cyber security policy.
Your condo association is essentially a small business, and just like any business, it should have an established policy for handling online security even beyond those mandated by PIPA. Of course, your governing documents and local laws will dictate how to add a new policy. Such a policy should include:
- Roles. Who should have access to what information? Who should have administrative privileges? Who will have responsibility for managing PIPA compliance and other aspects of your cyber security?
- Potential risks and a plan of action. What are some of the possible security breaches that might occur, and what can you do to mitigate those risks? How should board members address mishandling or accidental leaking of personal information? Who should you contact if you suspect criminal hacking of your data?
- Rules about using association devices. If your association owns computers or mobile devices for board members or residents to use, do they contain sensitive information? How will you prevent unauthorized people from accessing confidential information? Should you allow access to social media from these devices? Are certain websites off limits?
2. Develop cyber security board training.
Whether you create a simple manual or require board members to take a class, cyber security awareness training is a good idea. This way, everyone on the board is following the same procedures and policies.
3. Provide residents with cyber security information.
Use available communication channels to educate residents about cyber security. Include information in your community newsletter, send out emails or letters and post tips on your community website and on a centrally located bulletin board. Share Cyber Security Part One
4. Make sure that your association software is secure.
Using software that is specially designed for condominium associations can make many tasks easier for both board members and residents. However, it must incorporate robust security designed to prevent the introduction of malware and unauthorized access to sensitive information.
Cady points out that a program like FSRConnect™
from FirstService Residential provides advanced security and privacy features so that your board members and residents can safely log on from anywhere using a mobile device. As a board member, you can easily access all of your need-to-know information from a customizable dashboard. Residents can use FSRConnect to communicate directly with other residents and board members, as well submit maintenance requests and reserve amenities.
Safety and security go well beyond the walls of your building or the fences of your neighborhood. In today’s world, hackers and scammers can also cause significant harm. Understanding the dangers and being vigilant when going online are responsibilities that every board member—and every resident—should undertake to protect your condo community.
An experienced condo management company can help you protect your information from cyber attacks while making it easier to conduct business online. Find out how. Contact FirstService Residential
, Alberta’s leading condominium management company, today.