Blog

Blog

Cybersecurity and Commercial Real Estate

Cybersecurity and Commercial Real Estate

A gradual evolution is happening in the real estate industry. A growing number of commercial real estate (CRE) companies and building owners are adopting new software platforms. These companies utilize the latest cloud, mobile and social media tools to analyze data and manage environmental and security systems. Technological advances help attract and engage potential and existing investors and tenants.

Agents who spend most of their day on the road and in the field have easy and immediate access to important data and documents, thanks to cloud technology. So-called “smart buildings” are using building management systems (BMS) to regulate and adjust temperature and lighting, and identify residents and visitors.

Plus, social media has become an essential tool for marketing to and communicating with potential clients, investors and tenants.

But all this mobility and integration of different digital systems require a heightened degree of cybersecurity. Sadly, too many commercial real estate companies have yet to implement the necessary security. Despite serious financial, legal, and reputational damage suffered by businesses in recent years as a result of hacking and data breaches, the CRE industry mistakenly believes itself to be less at-risk than, say, the retail or financial sectors. However, CRE networks are just as vulnerable to cyberattacks. They should begin taking the necessary steps to remain secure.

How Hackers Target Real Estate

Public awareness about the need for cybersecurity has grown. As one high profile business after another across different industries falls prey to complex and damaging cyberattacks, the need for cybersecurity has increased. The November 2013 data breach at the retail giant Target occurred after network credentials were stolen from Fazio Mechanical Services, Target’s then provider of HVAC systems. Hackers were able to access Target’s network through Fazio’s systems and steal personally identifiable information data belonging to nearly 110 million customers. These included including names, mailing addresses, phone numbers, email addresses and debit or credit card numbers. The integration of two different digital systems allowed hackers to find a way “in” to Target’s network.

But there are multiple opportunities for hackers to locate and exploit vulnerabilities in a company’s network. Without strong, comprehensive cybersecurity measures in place, personal and sensitive data can be compromised. Breaches can happen through the use of cloud services and social media platforms by CRE professionals, online transactions with vendors and tenants, interconnected building management and tenant systems, Bring Your Own Device (BYOD) policies, and open Wi-Fi networks. The good news is, there are steps businesses can take to secure their networks, and protect their partners, vendors, and clients.

Cybersecurity Steps for CRE

Creating effective guidelines and policies for preventing a cyberattack begins by making every company employee, including those at the board level, aware of the threat. Employees should be educated on how to create strong passwords, safely surf the Internet, and spot potential malware in the form of emails. While free email and cloud services are cost effective and easy to use, real estate companies should take care to use service providers who provide encryption and a high level of security and accountability to facilitate the safe transmission of sensitive documents.

Additional cybersecurity steps for commercial real estate companies should include:

  • Implementing strict guidelines for accessing and managing data and using mobile devices, including smart phones and tablets.
  • Investing in products to protect your networks, software, and devices.
  • Understanding the system controls and protections in any building you occupy that are out of your operational control.

As the threat of cyberattack continues to grow, other industries are adopting a collaborative approach to and increasing their spending on more robust and comprehensive cybersecurity measures. Commercial real estate companies must do the same. Technology has brought an unprecedented number of positive changes to our industry. But without secure protections in place, commercial real estate companies risk significant financial and reputational losses.