How to prevent data breaches in property management

It’s a data-driven world and we’re all living in it. As more companies now rely on digital data to run their businesses more efficiently – the risk for misuse and theft of these important pieces of information is higher than ever. And, with many of us in property management continuing to work remotely following the pandemic, we need to make sure our IT systems are protected from a data breach.

A big part of security is the proactive prevention of data loss, theft, and security breach, and it is always better to prevent these from happening instead of mitigating attacks. Preventing a data breach is crucial in property management as sensitive information of customers are regularly collected and used in property management software systems.

Data Breach explained

A data breach is an incident in which information is accessed by an unauthorised person. This unauthorised access can cause data to be stolen, deleted or copied and used maliciously, although simply viewing information not meant for certain individuals is also considered a data breach.

An agency’s front desk staff gaining access to the rent roll when this is not part of her role’s responsibilities is an example of a data breach.

How breaches happen

Access to confidential information is typically granted through correct matches of credentials (password and username) and is usually the first step to preventing unauthorized entry to computer systems. However, these credentials can be hacked and/or stolen making a data breach possible.

Aside from stolen credentials, data breaches can also be a cause of simple human error. Attaching the wrong document, sending an email to the wrong person, providing unauthorised staff a higher security access, etc. can all cause a data breach.

Usual target of data breaches in property management

Data breaches attack any type of digital data stored in your systems. Real estate agencies – whether providing property management services, sales or both – are typically high-risk for breaches as they handle and store confidential information of customers in their portfolio, apart from their own company’s information. For a real estate agency, the following are considered targets for a data breach:

  • Customer name
  • Date of birth
  • Social Security number
  • Email addresses
  • Mailing or physical addresses
  • Phone number
  • Banking account number
  • Agency’s financial information

Data Breach Prevention Checklist

Preventing data breaches from happening could save your company from thousands of dollars that’s usually associated with recovery and mitigation of a data breach. Prevention also helps reassure your customers that you are handling their information securely.

  1. Ensure data you collect and store complies to regulations
    Data security laws govern consumer privacy and it is important that whatever data you collect from your customers adhere to these regulations. In Hongkong, the Personal Data (Privacy) Ordinance states how users should collect, use, and handle personal data.
  2. Establish a Data Security Policy in your agency
    Developing a data security policy is the best way to avoid data breaches in your business. The policy should discuss in detail best practices and procedures that employees should adhere to in safely accessing data. Best practices often include:

    • Creating difficult to decipher passwords and changing them often
    • Keeping data transfers to a minimum, including use of external hard drives and disks
    • Shredding paper files before disposing of them
    • Develop email and website access policies to prevent employees from going to untrusted websites
    • Using cloud servers as they are encrypted and monitored – making them difficult to hack into.
    • Create a policy for using devices – whether the agency is providing one for the staff or the staff using their personal device at work.
  3. Automate data security processes
    As previously mentioned, human error accounts for a large number of data breaches. But as these can be easily committed – so too can they be easily avoided. With automation, you can install safeguards such as password update reminders, firewall protection and automated filters in websites and emails to prevent employees from clicking malicious content. You can also implement access notifications in your property management software to alert you when confidential information is being accessed.
  4. Conduct staff training
    As discussed above, employees are vulnerable to data breach attacks as they have the potential to click malicious links or download malicious viruses in doing their day to day work. Simply developing a data security plan might be the best way to prevent data breaches, but regular training on cybersecurity is just as important. Training helps your staff develop habits that always put data privacy first in doing their work.
  5. Encrypt files
    Property managers always deal with customer information regularly and send sensitive documents like leases. This makes encryption crucial as it protects sensitive data if documents get sent to the wrong person or stolen. Encrypted data can only be decoded with the associated key – making it difficult to access by unauthorized individuals.
  6. Use multi-factor authentication
    Multi-factor authentication provides additional security especially in remotely accessing business systems. Multi-factor authentication involves users to provide two or more evidence to prove their identity, thereby granting authorized access. This could be providing a security question on top of the password or a One Time Pin (OTP) that gets sent to the authorized individual’s mobile device. Multi-factor authentication is especially important when performing privileged action or accessing a sensitive data repository.
  7. System accessibility
    Only give employees access to files that are necessary for them to complete their jobs. This helps limit the information that can be misused in case a data breach were to happen.
  8. Update software regularly
    IT experts recommend keeping all application software and operating systems you use updated regularly. Install patches whenever available as they are necessary to correct bugs in the software. Your systems are more vulnerable when programs aren’t patched and updated regularly.
  9. Perform system audits
    Perform vulnerability assessments once a month or even weekly. Regularly check the security controls and contents of every system in the network (internal and external) to identify threats and be prepared for attacks.
  10. Backup data
    While data breaches often steal information, some simply just delete your data. This makes backups important as it will help you restore the data instead of starting from scratch. Cloud-based property management software has an advantage as it is often the easiest way to back up your files and data off-site, instead of manually performing them.

Protecting your most valuable resource

According to economists, data is now the world’s most valuable resource, making it even more important to protect it. With a solid data security policy and a strategy to implement them in your agency, data breaches can be avoided.

Book a free demo today to discover the MRI Software difference.

Get a software demo

Property Management Software

Multi-discipline technology for property owners, investors and occupiers.

Get a demo
Property management software
Data Sheet

A fully integrated lease accounting solution
for IFRS 16

In today’s dynamic financial landscape, achieving compliance with evolving accounting and reporting regulations is more critical than ever. MRI stands at the forefront of facilitating this compliance, particularly in light of the demands set fo…

View the Data Sheet

Related Resources

Select your region