By Greg Kelly, Senroc Technologies
In an era where our personal and work lives are more connected to digital technology than ever, it is crucial to establish a strong first line of defense to protect our virtual worlds. Fortunately, you have access to tools that make learning the basics of cybersecurity easy and effective.
Cybersecurity is the implementation of safeguards to protect our digital assets, including ourcomputers,networks,anddatafromcyberattacksaimedataccessing,altering,ordestroying sensitive information. Picture a scenario where a property manager receives an email requesting payment from a well-trusted security vendor for a homeowners’ association in their portfolio. Unbeknownst to this property manager, the email account of the security vendor has been compromised and a threat actor is sending invoices with wire transfer information to their own bank account. Without safeguards to assist in verifying the authenticity of the email, there is a higher chance this property manager could inadvertently send funds to the threat actor resulting in financial losses for the HOA. With proper cybersecurity practices and tools in place, this scenario is avoidable!
The Importance of Cybersecurity for HOA Property Managers
For HOA management companies and their property managers, implementing a cybersecurity plan is not just a “should do”, but a “must do”. It is their fiduciary duty to their clients to take the steps necessary to protect the client’s interests. Property managers are highly trusted professionals who require an elevated level of access to perform everyday functions for their customers. With this high level of access comes a high level of responsibility. The consequences of a failed security effort can be devastating for a management company as well as their clients. Potential consequences can range from access to HOA bank information, unauthorized approval of money movements such as wire transfers as well as submittal and approval to pay invoices.
The Importance of Cybersecurity for Board Members
Board members are the lifeblood of an HOA and provide important decision making to ensure the health and financial vitality of their community. With this influence, they also take on a level of risk and face potential consequences when not taking steps to improve their cybersecurity stance.The most common result of a poor cybersecurity stance is a compromised identity. Once a threat actor has access to an email account, they are now the digital representation of you. For typical HOA tasks such as submittal and approval of invoices or check signatory authority, a compromised account could lead to money being stolen from the HOA through seemingly normal means.
Some Simple Ways to Implement Cybersecurity
The first step is to grasp how essential cybersecurity is. Check!
The next steps are to implement practical protective measures that can greatly diminish the threat of being the next victim of cybercriminals. Here are a few useful tips everyone should use.
Practice recognizing phishing
Phishing is an attempt to steal personal information or break into online accounts using deceptive emails, messages, ads, or sites that look like sites you already use. Threat actors will use your trust with reputable companies, friends, or acquaintances, to get you to access fraudulent websites, or files, designed to capture your sensitive data. These attempts can be difficult to spot, but taking some extra time can help identify potential scams. Here are a few quick points of things to pay attention to:
- Watch the sender’s email address, not the sender’s name – Most email providers put the display name at the forefront. This can create an opportunity for threat actors to sneak emails by. Imagine getting a believable email from John Doe, the CEO of a management company. However, you missed the email is from wearethebadguys@gmail.com.
- Look for spelling and grammar mistakes – English is often a secondary language for many of these operations. This can result in poor grammar and spelling mistakes that provide an opportunity to cause pause.
- Listen to your intuition – We are all pretty good at detecting when something is off if we take the time to listen. If a situation feels strange, listen to your gut and ignore or take steps to check the validity.
Take steps to secure your accounts
All of us are probably guilty of using some variation of the same password across many of our accounts. While it is convenient, it can also be an easy way for threat actors to gain access to one or more of your accounts. If they know you login to your email account with one password, they can try that same combination of email address and password for other common accounts (ex. banks, shopping websites, etc.). For this reason, it is a good idea to use strong and unique passwords for each service you use. Since it can be daunting to have so many different passwords, you can use a trusted password manager to help you keep track of passwords across different services. In addition, you should always take advantage of multi-factor authentication (MFA) whenever a service offers it. It’s an easy way to help keep a threat actor out of your account even if they have gained access to your password.
Verify with a call
This one almost seems too easy, but simply making a call when questioning the validity of something can be the most effective way of thwarting a fraud attempt. Some threat actors are smart to put a phone number on their medium of choice, so if you are looking for a phone number for a provider use known good sources such as a company website or your own known contacts to ensure you have a real phone number.
So, there you have it! Ensuring the safety of data and information is a collective duty that needs constant watchfulness and proactive security measures. Those in charge of managing and governing HOAs must take this obligation seriously so those living in their community can thrive. The very nature of the HOA industry in the digital age makes property managers and board members a prime target. Takingtheproperstepstoestablish a strong cybersecurity stance ensures you fulfill your fiduciary responsibilities of HOA communities you lead.
Greg Kelly is the founder of Senroc Technologies, a Managed IT Services company in the Denver area since 2013. With over 13 years of experience working within the HOA Management industry, he brings a unique perspective to marrying the HOA and IT worlds.
