How to Avoid a Cyberattack: Real Estate Checklist

3 min read

Smart homes and advanced building management systems make the industry more relatable, suitable and attractive for young people, but those things that also make it riskier.

By Alexandra Pacurar

alexandra_pacurarThe discussion about using technology in real estate heated up lately, with developers preparing for a complete shift to a market fit for Millennial and Generation Z buyers and renters. Smart homes and advanced building management systems make the industry more relatable, suitable and attractive for young people, but those things that also make it riskier. Integrated software that use personal information such as bank accounts make the industry a target for cyberattacks.

Security measures need to increase at the same pace as the immersion of new technologies in the industry. A Deloitte report from 2014 shows that roughly 33 percent of business leaders see cyber risk as the second highest obstacle in the way of company growth in the future. Still, little to nothing is invested in prevention and management of cyberattacks, an issue that is more and more common these days.

Entry Points

There are several ways in which hackers can break into your data system. Below are the most frequent entry points:

  • proprietary front-end mobile/web apps (most common in the hospitality and retail sectors)
  • online payments/POS (most common for hotel operators and retail tenants)
  • industrial control systems/HVAC/Building Management System (most common for retail)
  • third-party apps on employee devices (for organizations where Bring Your Own Device policies are in place; for example, in hospitality—employees sending business documents and reports using their own mobile devices or laptops)
  • web server/network/cloud (most common for data centers)
  • open Wi-Fi access (most common for hospitality and residential)
  • Building Automation System (BAS)—intelligent devices such as air conditioning, lighting control, thermostats and other parts of a smart building that are connected to the internet
  • third-party monitoring providers—for surveillance or more
  • smart cities and Internet of Things (IoT—smart sensors monitoring everything from room occupancy to the humidity)—one of the top CRE tech trends of the year
  • employees/the human factor

The most common and maybe most unexpected cyber security breach is represented by negligent employees. Careless, uninformed employees contributed to 46 percent of cybersecurity incidents in the past year, as shown in a report from Kaspersky Lab and B2B International. Also, 44 percent of them hide such issues for fear of the consequences, which only makes things worse.

The IoT is one of the top CRE tech trends of 2017, which is why real estate owners, investors and managers should pair all smart technologies with top security software and staff.


There are cheap ways to prevent cyberattacks. The first and most efficient is training of current staff. Teaching employees about phishing scams (still the most common form of cyber threat) and how to identify and deal with such attempts might save you a lot of money—up to 20 percent of your company’s total revenue (according to the Cisco 2017 Annual Cybersecurity Report). Adding specialized staff to your company/team is another great way to make sure that things can get fixed as soon as possible.

Also, make sure you have insurance coverage to help you neutralize the effects. Segmenting the data networks is also a good way to protect your data. Keep the BAS on a different network from the company network. Implementing strong authentication protocols and having encrypted password storage or, even better, none at all, are also ways to minimize risks of cyberattacks.

You May Also Like

The latest CRE news, delivered every morning.

Most Recent