Evaluating and Addressing Real Estate’s Biggest Cyber Liabilities

No matter what size a business is or which sector it belongs to, it will always be vulnerable to cyber attacks. It’s not just about technology: according to Symantec’s Unprepared for Security Breaches report, 80 percent of data breaches recorded were inflicted upon organizations that did not rely upon the Internet as a key aspect of their business, with significant losses being the result of stolen or misplaced equipment.

However, the real estate industry does have a number of qualities that create cyber security exposures. From the increasing frequency of intelligent buildings and the Internet of Things to the sensitive customer data kept in the network, a real estate firm could be an appealing target to a hacker, and an attack could cause devastating damage to the business’s finances and reputation. Familiarize yourself with the industry’s most prominent cyber liabilities and adjust your company’s cyber policies to address these concerns.

Sensitive Data

Real estate companies (particularly residential real estate businesses) have a wealth of information about their current and future (and possibly past) tenants collected on their network. This could include their Social Security numbers, financial information, and other pieces of personally identifiable information (PII).

There are two steps to take to address this issue. The first is to make sure that network security is up, running, and up-to-date. Regularly perform “cyber drills” to test the effectiveness of employees’ ability to spot attacks, and perform an analysis of your system on a regular basis to find weak spots.

The second step is more simple: train your employees. Even if your employees do not work in IT, they could be targeted in phishing schemes or social engineering scams, all because they lack the training to recognize someone with unsavory intentions. Instruct them on the most common forms of attacks, and educate them on the importance of keeping passwords and information hidden.

Smart Technology

Smart technology can be useful and appealing to clients, but it represents a significant security risk if not properly secured. Without significant regulations on the technology at the time, it’s up to a business to create firm, comprehensive policies on their smart technology. There should be a multi-step process to identify and authenticate any device wishing to connect to the network, and selective connectivity should be enabled, which would protect the overall network in the event that one device or one portion is compromised.

Employee Error

Many building management system network are managed by facilities managers or security guards. Typically, these employees have little to no background in IT or networking, which could lead to these systems lacking the basic security measures necessary to block out attacks. Make sure that systems are led by an employee with working knowledge of IT (if you do not have such an employee, look into hiring someone or providing a current employee with the right training), and make sure that there is a cyber security section included in your regular employee training.

 

About Axis Insurance Services

At Axis Insurance Services, we aim to help our customers identify their exposures and protect themselves. Founded in 1999, we offer insurance programs to a wide variety of professionals and industries including attorneys, real estate, healthcare, architects, and more, and also have a wholesale division. We pride ourselves on offering flexible insurance coverage tailored specifically to each customer’s needs. To learn more about our solutions, contact us at (201) 847-9175 to speak with one of our professionals.