Cyber Security Part One: How Community Residents Can Protect Their TechLike it or not, we have become very dependent on our technology. Whether it’s a cell phone, tablet or computer, our devices enable us to stay connected, conduct business and access information anywhere, anytime. Yet as convenient as these devices may be, cyber security is simply not a priority for the majority of tech users—despite the increased prevalence of cyber attacks.

In part one of our two-part series, we look at why cyber security is so important to community associations. We also provide important steps that residents in your community can take to protect their technology so that sensitive information doesn’t fall into the wrong hands.

Any resident can be the victim of a cyber attack.

Does your condo association use specialized software so residents can pay their fees, download newsletters or communicate online? If so, how robust is the security for that system? Do you even know?

Without adequate security, it only takes one resident’s infected computer to spread a virus to other users. Personal information about individual residents, as well as the association’s financial data, may then be available to hackers.

Practicing good cyber security is the best prevention.

According to Chris Cady, strategic architect at FirstService Residential, even if your software’s cyber security features are highly sophisticated, it’s crucial for your condo association to promote security best practices among residents. “Awareness is key,” says Cady. “When residents and board members understand the importance of online security, they can do their part to protect community information.”

To help residents keep sensitive information out of the wrong hands, we’ve provided the following cyber security tips. These tips are based on recommendations from Public Safety Canada, the U.S. Department of Homeland Security and FirstService Residential technology experts.
  1. Never leave devices unattended.

    When using laptops or mobile devices in public places, do not set them down while you do something else—no matter how quickly you plan to return. Likewise, do not leave laptops or mobile devices in your vehicle, even if it’s locked. It takes no time for a thief to smash a window and take it. When traveling, keep your devices in carry-on bags rather than in checked luggage.
  2. Create strong passwords, and use additional protection.

    The longer and more complex you make your password, the harder it is for someone to guess it. Use a combination of both upper and lowercase letters, as well as numbers and special characters, to make the password more difficult to decipher. Create different passwords for different sites, change them regularly and do not share them. Take advantage of passcode locks on mobile devices, and use extra security, such as the option to answer security questions or associate the login with an image or avatar.
  3. Be aware of the variety of online threats that exist. Online threats have many faces, including:

    • Email scams. Legitimate-looking emails lure you in with a fantastic deal that requires you to provide money up front.
    • Viruses. These infect your computer or device (and often the device of everyone in your contact list) via a download or email attachment. Viruses can have a range of purposes, from displaying unwanted ads to obtaining personal information.
    • Trojan horses. A scammer embeds a file within a legitimate program. The file automatically installs itself and runs in order to obtain information from your computer, delete files, hack other computers or watch you through your webcam.
    • Phishing or smishing. An email (phishing) or SMS text (smishing) informs you that there is a problem with one of your transactional accounts, that your account information needs updating or that you are in some kind of legal trouble. These schemes get you to enter personal information on a fake website.
    • Botnets. These software “robots” are controlled by the person who created them. They can be used to automatically send emails from your computer or device to spread viruses or malware or as part of a distributed denial-of-service (DDoS) attack that overwhelms a business or government website and prevents transactions 

  4. Never open unfamiliar emails or click on links with strange URLs.

    If you receive an email from someone you do not know, be suspicious. Never access an account by clicking on a website link inside an unsolicited email, and delete any odd emails. If you accidentally open a suspicious link, shut down your computer or device immediately. Unfortunately, scams often look legitimate, but these telltale signs can help clue you in.
    • Spelling or grammatical mistakes. Most scams originate outside of Canada or the U.S., so the writing is either stilted or contains errors.
    • Foreign extension on an email address. The recipient’s email address may end with a foreign extension (e.g., “”) rather than “[company name].com or .ca,” “[government entity].ca,” or other extensions such as .net or .org.
    • Unusual hyperlinks. Although dangerous links often look legitimate, sometimes you might notice something just a bit odd about them. Text can be linked to any website. Hovering your mouse over a hyperlink without actually clicking on it can let you see if the link really goes where the text says it should go. The actual link destination will appear at the bottom of your browser.
    • An “.exe” extension. This indicates that an attached file is executable, which means that clicking on it will run a program on your computer or device. Most likely, this will infect your device with a virus or install malware. (Other common and potentially dangerous extensions to watch out for include “.bat” and “.pif.”)
    • An offer that is a really, really great deal. If you receive an email with an offer that appears too good to be true—especially if it comes in the form of an unsolicited email—assume it is a scam.
    • A website address that does not begin with “HTTPS.” All transactional websites use this protocol to authenticate the website and protect the user’s privacy with encryption.  

  5. Install, update and use security software.

    Viruses and other forms of malware are constantly changing, so you must keep up to date to remain protected. Schedule regular scans, and make sure to run a scan as soon as you install your security software to make sure you don’t already have a virus.
  6. Enable the highest level of security.

    Use a website’s highest level of security. Even if you are sure that you have been doing so, check your privacy settings regularly. Updates or changes can sometimes alter your settings.

    Hackers and scammers can cause significant harm in today’s world. Understanding the dangers and being vigilant when going online are responsibilities that every resident should undertake to protect themselves and their community. In part two of our series, we look at the role board members can play to keep condo association data safe.
Want to find out how a good property management company can help residents become more security savvy? Contact FirstService Residential, North America’s leading property management company.
Thursday December 01, 2016