Connect with us

Security

3 reasons landlords need a tight digital security strategy 

Whether you have one tenant or one thousand tenants, you can’t afford to ignore data security. 

nondescript wifi router on table
Image: Consumer Reports

Hackers want names, birthdates, email addresses, billing addresses, and phone numbers so they can piece together profiles to use for identity theft. Each data breach makes more of that information available to cybercriminals who collect personal information until they have enough to use for sinister (and illegal) purposes.

A landlord’s web presence that appears to collect tenant data is a natural target for hackers. Therefore, it’s crucial for landlords to have a tight digital security strategy to protect tenant data from getting into the wrong hands. 

If you’re a landlord and you don’t have a strong data security plan, here’s why you need one.

  1. You can choose third-party services that align with your standards 

With a tight digital security plan, you’ll have specific standards to measure third-party services against. If a third-party service doesn’t meet your security requirements, you can find another vendor. This is especially important if you’re dealing with information protected by HIPAA or any other specialized data privacy laws. 

Without a list of specific standards to compare, you’ll never know what a third party means by “data security.” This is risky when a third party collects personal data on your behalf. For instance, say you rely on a property management company to collect rent online. Do you know exactly how your tenants’ data is protected? Is the data encrypted at rest, in transit, or end-to-end?

Generally speaking, experienced property management companies take data security seriously, especially in fast-growing areas like Houston where landlords own multiple properties. Most companies use top-rated rent collection software with built-in encryption and data security features. However, unless you determine your own set of standards, you’ll never know if your contracted services meet your needs.

Don’t let any third-party drop the ball on security and leave you with the aftermath of a data breach. Know exactly what your security requirements are and make sure all contracted services meet or exceed those requirements.

  1. Accidents happen (and mistakes can be expensive)

No matter how carefully you handle tenant data, accidents can happen. For instance, say you decide not to use a third-party application to verify that all email attachments are intentional before a bulk email is sent. If you send a mass email to your tenants and attach the wrong file, you may not realize it until your recipient(s) tell you. By then, the damage will be done. 

Attaching the wrong file doesn’t seem common, but it happens more frequently than you may think. For example, on March 23, 2020, Watford Community Housing (WCH) emailed tenants with advice for safely communicating with WCH during the COVID-19 crisis. Somehow, the sender attached a spreadsheet containing tenant personal data. In addition to names, birthdates, and addresses, the spreadsheet included tenants’ religious beliefs, sexual orientation, and disability status.  

The WCH sent a follow-up email to all tenants, apologized for their mistake, and requested that everyone delete the email. The organization also reported the data breach as required by law. This mistake could have been avoided with software that verifies attachments before sending a mass email. 

  1. Data breaches and GDPR violations are expensive

Between paying for repairs, maintenance, and mortgages, you really can’t afford to pay the fines for a data breach. In 2019, The Guardian reported that companies can expect to pay between $1.25 million and $8.19 million for a single data breach. 

The main reason a single data breach can be so costly is that the fines are assessed per stolen record. For instance, a landlord with just four tenants will be hit with a much smaller fine than a landlord with four thousand tenants. 

Mishandling data under GDPR carries hefty fines

Mishandling data is common in the real estate industry, and fines under the GDPR regulations can be assessed for more than just breaches. In fact, the first multi-million-dollar GDPR fine was assessed against a German real estate company for retaining data longer than necessary

GDPR requires that companies delete data at the consumer’s request, but also sets inherent limits for data retention. Data retained longer than necessary increases the risk of identity theft in the case of a data breach. 

It’s a landlord’s duty to protect tenant data

Risking your tenants’ privacy means risking huge fines and the loss of all tenant trust. Contact a security expert to create a digital data security plan for your business. Whether you have one tenant or one thousand tenants, you can’t afford to ignore data security. 

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Security