The way owners and administrators operate their buildings has gradually become more sophisticated and streamlined as new advances in technology get available. From building connectivity to HVAC systems to keyless entry — modern technologies have altered the property management industry with solutions that bring a faster, better integrated, safer, and more convenient approach.
Unfortunately, the risks of cyber breaches have also augmented. These need to be taken seriously by property managers to avoid potential severe impacts on the property and its operations. To that end, cybersecurity hygiene is a must, as a cyberattack could ruin the building’s reputation, compromise the trust of tenants, and result in costly legal actions, among other negative consequences.
A primary pillar of cybersecurity
An important way to prevent cyberattacks is by reinforcing physical security. Oftentimes, criminals obtain access to information through the physical world, by finding a way into the building and plugging into any IP connection or by getting to the servers.
As the cloud, Internet of Things (IoT), and managed access control services are being implemented by property managers to increase site security, hackers are also finding in these technologies new opportunities to access a building’s data.
Any device on the IoT could be used as an entry point to the network. For instance, a hacker could disable physical security devices, such as surveillance cameras, access control systems, or alarms by exploiting vulnerabilities offered by unsecured networks or a weak IoT.
Therefore, it is recommended that residential and commercial buildings and systems are properly hardened. To truly prevent risks and mitigate liabilities, cyber and physical security should stop being treated as standalone functions. Instead, property managers must strengthen their posture with an integration of both physical and cyber strategies.
Attack surface
Vulnerable entry points into the network of a building can be digital (e.g., weak passwords, poorly maintained software) and physical (e.g., improperly discarded hardware, passwords on paper, or physical break-ins). These can be avoided by:
- Utilizing modern access control solutions and multifactor authentication.
- Strengthening perimeter security.
- Discarding unnecessary or unused software, as it can result in policy mistakes, enabling bad actors to exploit these endpoints.
- Performing Network Penetration Tests to uncover vulnerabilities, before the experienced hacker does.
- Locking down the control panel. These consoles give guards the ability to manually open or close a security entrance with the push of a button, have access to cameras, and look at reports. Each person with access to the control panel should have a unique passcode. In addition, operators must be logged out of the device each time they walk away from the desk, even if it is just for a few minutes.
- Having in place precise protocols to discard equipment and ensure that they do not contain user data or log-in credentials.
- Regularly training employees on cybersecurity threats.
- Assessing vendor maturity when deploying IoT technologies.
The current digital transformation is facilitating the operations of property managers. New technologies have made it possible to provide more secure and convenient spaces for renters. However, this digitization and reliance upon IoT, has created new susceptibilities for the industry. To prevent cyberattacks, it is crucial to have a strong network hygiene and implement the right physical security solutions for your building.