Cyber Security and Your HOA, Part Three: Your 4-Step Action Plan
Download a free guide!
Fill out the form below for our free guide
Learn more about protecting your HOA from cyber criminals from our whitepaper: Minding Your Association’s Technology?
Nevada homeowners associations are utilizing the latest digital technologies in a big way. Property management software allows boards to expedite transactions for residents, digitally sign documents and perform everyday tasks quickly and efficiently. Digital technology is also used to improve resident communication and security systems (e.g., cardkey data and security cameras that can upload footage to a server, rather than physical videotapes).
While these advances in technology have made everyday tasks a lot easier, there are also some challenges associated with these innovations. Digital technology has some significant vulnerabilities that leave it open to sophisticated cyber attacks. In fact, watch the local news tonight and you’ll likely see another instance of a major data breach from an experienced hacker. In September 2017, credit bureau Equifax announced that a breach by hackers in July potentially compromised the private Social Security numbers, birth dates and addresses of more than 140 million Americans. Of that number, Nevada Attorney General, Adam Paul Laxalt, reported that an estimated 1.2 million Nevada residents were affected by the breach.
HOA members may think this kind of news doesn’t apply to their organization since they do not reach the same number of people. But the latest stats tell a different story. Small businesses and organizations (like HOAs) are increasingly at risk for cyber attacks, like spear fishing. Spear fishing, a particularly hostile threat to associations, involves sending fraudulent emails in order to obtain private information from organizations. In a 2016 report on cyber attacks, global security firm Symantec reported that 43% of all spear-phishing attacks in 2015 were against small businesses with 1 to 250 employees (compared to 35% directed toward large businesses). Make no mistake, small organizations like HOAs are just as easily targeted as big corporations.
Your Management Company’s Role in Cyber Security
A strong cyber security strategy begins with an experienced property management company. Many associations work with an HOA management company to manage the day-to-day operations, like maintenance, resident communication and policy enforcement. In addition, the best management companies will equip you with a dedicated IT team to help manage the IT needs in your community. Working with an IT team that is part of your management company allows you to benefit from solutions designed specifically for associations. When hiring an HOA management company with dedicated IT support, make sure that they:
- Understand your association’s IT needs
- Are quick to respond to IT issues
- Provide dedicated service to your association
- Make budget-conscious planning decisions
- Have limited downtime for offsite hardware repairs
- Do not allow third-party access to your association’s confidential information
Turn to page 12 of our downloadable White Paper, Who’s Minding Your Association’s Technology? (linked below) to see a list of questions you should ask your HOA management company about how they manage IT.
Your HOA’s Role in Cyber Security
Tony Joseph, regional vice president of information technology at FirstService Residential, said that along with hiring a community management company that provides dedicated IT support, HOA members can (and should) take some additional steps to defend against cyber threats. To get started, we’ve outlined 4 steps you can take:
- Create a cyber security policy for your HOA.
- Roles and responsibilities. Determine which individuals will handle the data and which individuals will ultimately manage cyber security.
- Potential risks. Outline a plan of action if security breaches or criminal hacking occur.
- Rules for using association devices. Set up a list of rules for using association mobile devices or computers to ensure that unauthorized people will not be able to access confidential information.
- Data breach plan. Joseph said, “We prepare for potential physical attacks by taking self-defense classes–we should have the same mindset for cyber threats. Preparation is key.” To prepare for a potential data breach, you can access a variety of resources from trusted authorities like the Federal Trade Commission (FTC). The Online Trust Alliance has an online guide about data breach preparation and the FTC offers resources that explain the process of securing association data and protecting customer data.
- Review cyber security guidelines.
- Teach residents about cyber security.
- Use secure HOA software.
If you haven’t given cyber security a second thought until now, it may be time for a change. The latest statistics show that small businesses and organizations like HOAs are increasingly being targeted by hackers. Therefore, it’s important to understand the risks and establish a cyber security plan to help combat cyber attacks. Want to learn more? Part One of this series explains how residents can help prevent attacks, and Part Two describes the board’s role in data safety.
An experienced HOA management company can help with your IT needs. To find out how, contact FirstService Residential, Nevada’s leader in community association management.