Magazine article Journal of Property Management

Are You Sitting on a Cyber Security Bombshell?

Magazine article Journal of Property Management

Are You Sitting on a Cyber Security Bombshell?

Article excerpt

Identity and cybersecurity criminals Want what you have.

Are you protected?

CYBERSECURITY IS A MAJOR ISSUE IN MANY INDUSTRIES THESE DAYS: particularly in financial services, defense, medicine, journalism and social media. It's also an issue in commercial real estate, but not many people in the industry are aware of the hazards involved in a cybersecurity breach.

Property managers, in particular, tend to be uninformed of this issue. They remain so at their peril.

Recent high-profile hacks of corporations such as Home Depot, JP Morgan Chase and Target have raised awareness of cybersecurity issues among real estate professionals. Still, as an industry, property management needs to broaden its knowledge and up its game when it comes to protecting data.


It could come as a surprise to some property managers, when they consider the situation, how much vulnerable data they have control of. Not only do they have various accounting functions and maintenance histories on file: They also, typically, have an extraordinary amount of personally identifiable information (PII) on their tenants--especially if they're managing a residential property. A resourceful hacker could use a property manager's database to steal identities, commit extortion and destroy reputations.

Paul Kastes, CPM, LCAM, who heads Principals Management Group in St. Petersburg, Fla., reported that the issues a property manager will face, with regard to cybersecurity, will depend largely on the size of the portfolio, the number and type of tenants involved and the methods of data storage. Bigger management companies run bigger cyberrisks; the vast majority of smaller companies, he said, are still on paper or use a combination of computers and paper.

"In the field," he said, "the biggest issue is protecting the information that we keep on residents and potential residents. We have Social Security numbers on these folks: That's valuable to people who want to steal it. If you get a person's social, you can do just about anything. You have their name, address, where they used to live and their driver's license numbers: you can be another person in five minutes. Protection of the residents' Personally Identifiable Information (PII) is a huge concern.

"You have to hire the right people, to ensure that the information is protected. Many people in our industry aren't computer savvy. They need to know that if you open the wrong e-mail you could be in trouble. As we go on, with increased reliance on internet and computers, this issue will get worse, and your firewalls are only as good as your people. You have to monitor and supervise them."

Background checks on your employees are a must, Kastes said, but managers still have to be constantly vigilant, because the greatest threat comes from within the company.

"That threat is less for a smaller company that has a sophisticated IT department," he pointed out. "For a smaller manager it comes down to supervision and staffing."


"Identity theft is the big issue," said David Lingenfelter, Information Security Officer at Fiberlink, an IBM company. "Mobile and cyber security are very closely related; everyone's working from their mobile device now, and if you leave your phone behind someplace, you've exposed a lot of data. Data aren't managed anymore; everything is out there on a cloud, not going back to a centralized corporate server.

Daniel Gonzalez, CEO of D.A.D. Protection Services, provides advanced security advice and programs for Class-A high-rise facilities and industrial warehouses. Gonzalez said the most vulnerable data are rental applications and credit reports, the abuse of which could damage not just the individual victim, but the economy overall. And the risk, he said, lies not only in cyberspace.

"Never leave paperwork lying around, even in locked files," he urged. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.