Many aspects of the property industry for landlords and agents have long been dominated by face-to-face interactions and paper-based processes.
With digital transformation in full throttle, there are valid reasons to embrace digitisation across the property sector for creating new communication platforms and safeguarding transactions. It is, however, important to be mindful of new cyber security risks that can jeopardise sensitive client data, disrupt operations and damage reputations if not effectively managed.
This article provides tips to help landlords and property agents in the UK to protect themselves online using a combination of technology, processes and awareness.
Why is Digital Security Vital for Landlords and Agents?
Landlords and estate agents handle sensitive information as part of their daily operations. This includes financial and personal data on clients as well as confidential documents like tenancy agreements and supporting paperwork for ongoing property transactions which detail past buyers, vendors or sellers.
A cyber security incident could lead to this information being leaked or stolen. Not only could client data be compromised and subsequently distributed on the dark web, but estate agents could be subject to hefty GDPR and HMRC fines if they don’t exhibit sufficient data protection. It’s also prudent to note that with many estate agencies operating on a franchise basis, implementing company-wide managed detection and response (MDR) capabilities is harder than it sounds, with each branch having specific complex incumbent setups.
One particular type of cyber attack involves ransomware, a malicious software programme which locks staff out of critical systems and databases needed to conduct business. Without resilient protection measures, everyday activities like arranging viewings, sales and rentals grind to a halt until a desired ransom is paid. Such downtime directly impacts revenues while operational disruption and reputation damage can steer prospective clients away. On top of compromising sensitive information and interrupting operations, attacks are costly to recover from.
Benefit From Bolstered Cyber Security
The process of enhancing cyber defences takes many forms but it delivers many advantages beyond just reducing risks. For starters, it reassures clients that their sensitive data is being responsibly protected, building long-term trust and loyalty.
Landlords and estate agents have many responsibilities when ensuring a safe and compliant transaction which are only made easier with secure, safe and reliable software, tools and automation that reduces human error. Successfully leveraging software that, in turn, boosts cyber resilience and makes operations more efficient. Here are seven ways that landlords and estate agents can become more productive, digital and secure.
1. Use Strong Passwords
Weak passwords are one of the easiest ways for cybercriminals to gain access to systems and data, and it doesn’t help matters that all of us are habitually reusing the same passwords for multiple logins. This is also a huge cyber security risk.
To mitigate this, make sure all staff use passwords with several characters, mixing upper and lower case letters, numbers and symbols.
Consider enforcing password managers to generate and store strong, unique credentials for each user using any application or system. You can also enforce regular password updates and changes for additional peace of mind.
2. Enable Multi Factor Authentication (MFA)
Adding an extra layer of verification such as one-time passwords, codes or prompts reduces the risk of criminals accessing accounts even if they have the password. This can come in the form of email passwords, mobile phone codes, or biometric prompts, depending on the level of security required.
It’s widely recommended that you turn on MFA for all shared cloud apps and remote access systems, where applicable. Ensure staff have MFA enabled on email accounts which are often targeted by phishing.
3. Control Access with Least Privilege
Limit account permissions to only what is needed for each staff member’s role, known as least privilege access. This reduces an estate agent’s possible exposure and attack surface, if credentials are somehow compromised.
It also means that administrative access is not granted across the board, and allows you to centrally control and authorise who needs additional privileges. Review access regularly, remove privileges for those no longer employed by your firm, and restrict them for junior or less experienced staff.
4. Install the Latest Security Updates
Cybercriminals exploit known software vulnerabilities to target estate agents running outdated applications and operating systems. This is why it’s pivotal to update software and systems when prompted so all these possible entry points can be patched immediately before being exploited.
Maintain patching schedules to ensure all devices, apps and platforms are always on the latest versions. Roll out automated solutions where possible.
5. Encrypt Sensitive Data
Encryption protects information by masking it so only authorised parties can view it. Encrypt sensitive fields in databases like financial details and use file encryption for digital downloads that offer financial advice and other documents containing confidential client information. This prevents data from being read and utilised if it were to fall into the wrong hands.
6. Secure Endpoints
Endpoints like laptops, mobile phones and servers store valuable data and access critical systems so securing them is a priority. Deploy endpoint detection and response (EDR) tools combined with 24/7 managed detection and response (MDR) solutions to monitor endpoints for threats and quickly contain incidents.
7. Back up Critical Agency Data
Ransomware attacks often restrict access to systems and data, demanding payment for the restoration of access. Often these will be using blackmail tactics to usher in faster payment which is why offsite and onsite backups must be kept. Maintaining recent backups helps estate agents recover files and applications without paying hefty, extortionate ransoms.
Above are some baseline practices to bolster their cyber security foundations. However, the threat landscape is continually evolving with each passing day, so optimum cyber resilience is never a one-and-done process. You should take proactive measures and precautions to ensure that you’re practising best cyber protection automatically.
In time, as your estate agency begins to scale operations and take on more clients, you can embrace new technology and software with increased confidence. You’ll be best prepared to roll out new solutions that improve productivity and allow your teams to hit targets, while ensuring positive client and customer experiences. You’ll be able to do this while maintaining a culture of consistent cyber awareness meaning that any adjustments will be made with data preservation in mind.