Protecting Your HOA From Cyber Attacks, Part 3: Your 4 Steps to Cyber Security
Download a free guide!
Learn more about what you can do to protect your community from cyber criminals from our guide: Who’s Minding Your Association’s Technology?
Arizona community associations are also benefiting from the latest digital technologies. Boards use property management software to make their daily responsibilities more efficient. These programs allow them to expedite resident transactions, sign documents electronically, and perform other important tasks quickly and conveniently. Associations also rely on digital technology for their communication and security needs (e.g., cardkey data and security cameras that capture footage and save it to a server).
Of course, these technology breakthroughs can come with their own set of challenges. Turn on the local news, and you won’t have to wait long to hear about a new data breach by sophisticated hackers. In fact, in September 2017, credit bureau Equifax announced that a breach by hackers left the personal information (including Social Security numbers and addresses) of 143 million Americans at risk. In light of the risk stemming from similar cyber attacks, Maricopa County even established a Cyber Security Portal to help mitigate these threats. The state of Arizona has prioritized cyber security across many of its local agencies.
As an HOA board member, you might be thinking that this issue only applies to large corporations like Equifax. However, small organizations like HOAs are at a very high risk for cyber attacks. In a 2016 report, global security firm Symantec reported that the largest percentage of all spear-phishing attacks in 2015 (approximately 43%) were directed toward small businesses with 1 to 250 employees. Homeowner associations are particularly threatened by spear fishing, a method that involves sending fraudulent emails to organizations for the purpose of obtaining personal and confidential information. Small businesses like HOAs are not safe from cyber attacks.
The Role of Your Management Company
We’ve established the fact that HOAs are increasingly threatened by cyber attacks. But how do you protect your association from data breaches and digital threats? To start, you should hire an experienced community management company. A good HOA management company will manage daily operations, such as maintenance, policy enforcement and communication with residents. But a great community management company will provide you with a dedicated IT team to manage all of the IT needs in your community. The company that is entrusted with your private data will also maintain your systems where the data lives. So what should you look for when hiring a management company with dedicated IT support?
- Solid understanding of your HOA’s IT needs
- Quick responsiveness to IT issues
- Dedicated IT service to your association
- Budget-sensitive IT planning
- Limited downtime during hardware repairs that occur offsite
- Zero third-party access to your HOA’s confidential information
For a list of questions you should ask your community management company about how they manage your association’s cyber security, read page 12 of our downloadable White Paper, Who’s Minding Your Association’s Technology?
The Role of Your HOA
In addition to hiring a community management company that offers dedicated IT support, Tony Joseph, regional vice president of information technology at FirstService Residential, recommends that HOAs take specific action to protect themselves from cyber threats. To start, here are four steps that association members can take:
- Establish a cyber security policy for your HOA.
- Outline roles and responsibilities. Designate individuals who will handle the data and who will ultimately manage cyber security.
- Include potential risks. Determine the risks that your association is susceptible to, including security breaches, personal information leaks and criminal hacking. Then, outline a plan of action should those risks occur.
- Determine rules for using HOA devices. Many associations allow members or residents to use mobile devices or computers. In these cases, it’s important to establish rules for the use of these devices, so that unauthorized people will not be able to access private information.
- Provide a data breach plan. Joseph said, “We prepare for potential physical attacks by taking self-defense classes–we should have the same mindset for cyber threats. Preparation is key. ” Many federal and local government agencies offer resources to help businesses prepare for a potential data breach. For example, the Online Trust Alliance provides an online guide about data breach preparation. The Federal Trade Commission also offers several online resources that explain the process of securing association data and protecting customer data.
- Review guidelines for cyber security.
- Inform residents about cyber security.
- Employ secure association software.
Knowing about cyber security isn’t enough these days; associations need to take action to make sure their communities are protected from threats. Sophisticated hackers and scammers are targeting small businesses and organizations like HOAs on a regular basis. Given the latest statistics, it’s important to understand the risks and establish a plan to help combat these threats. To learn more, read our other posts in this series on cyber security. Part 1 explains the role of residents, and Part 2 is all about the role of your board.
An experienced community management company can help you with your IT needs. To see how, contact FirstService Residential, Arizona’s leader in community association management.