Keeping information safe and secure is a challenging development for businesses of all sizes over the last few years, including public and affordable housing organizations. Expeditious shifts from in-person to online to hybrid workplaces forced companies to change, or at least reexamine, their cybersecurity practices and protocols, and far too often they weren’t prepared.
In fact, according to CyberEdge’s Cyberthreat Defense Report, 85% of organizations suffered from a successful cyberattack in 2021. Now, organizations that have suffered cyberattacks along with companies that have been fortunate enough to avoid being a victim of breaches and hacks are looking at ways they can bolster their defenses and safeguard their data. But which plans, practices, and services should these organizations invest in?
Below are four steps housing organizations of all shapes and sizes can take to better protect against cyberattacks:
Identify ‘crown jewels’ of your housing organization
Understanding what information cybercriminals are after most is essential to combating cyberattacks. Therefore, creating an inventory list of the valuable data and assets within your organization, including personally identifiable resident and employee data, is of the utmost importance.
In addition, take note of who has access to important data and information while also accounting for all storage locations. This practice will ensure that organization leaders have a track record of accessibility so that they know where to look in case of a vulnerability or breach.
Prevent breaches by updating and authenticating
At the end of the day, protecting your data and devices from malicious actors is what cybersecurity is all about. In order to accomplish this, make sure your organization’s security software is current. Investing in the most up-to-date software, web browsers, and operating systems is one of the best defenses against a host of viruses, malware, and other online threats.
Furthermore, make sure these devices have automatic updates turned on so employees aren’t tasked with manually updating devices. Additionally, make sure all data is backed up either in the cloud or via separate hard drive storage.
Another important way to keep your housing organization’s assets safe is by ensuring staff are using strong password authentication to protect access to accounts and ensure only those with permission can access them. This includes strong, secure, and differentiated passwords. According to a 2021 PC Mag study, 70 percent of people admit they use the same password for more than one account. Using weak and similar passwords makes a hacker's life a lot easier and can give them access to more materials than they could dream of.
Finally, make sure employees are using multi-factor authentication (MFA). While this may result in a few extra sign-ins, MFA is essential to safeguarding data and can be the difference between a successful and unsuccessful breach.
Monitor for suspicious activity
Your housing organization must always be on the lookout for possible breaches, vulnerabilities, and attacks, especially in a world where many often go undetected. This can be done by investing in cybersecurity products or services that help monitor your networks such as antivirus and antimalware software.
Moreover, make sure your employees and personnel are following all established cybersecurity protocols before, during, and after a breach. Individuals who ignore or disregard important cybersecurity practices can compromise not only themselves, but the entire organization. Paying close attention to whether your company is fully embracing all of your cybersecurity procedures and technology is incumbent upon business leaders.
Have an incident response plan ready
No matter how many safeguards you have in place, the unfortunate reality is that cyber incidents still occur. However, responding in a comprehensive manner will reduce risks to your business and send a positive signal to your customers and employees.
Therefore, your housing organization should have a cyber incident response plan ready to go prior to a breach. In it, your organization should embrace savvy practices such as disconnecting any affected computers from the network, notifying your IT staff or the proper third-party vendors, and utilizing any spares and backup devices while continuing to capture operational data.
Help your housing organization fight cybercrime
If you work for a public housing organization, HAI Group’s security team and the U.S. Department of Homeland Security recommend registering for MS-ISAC, a free service that includes cybersecurity alerts, a cybersecurity toolkit, and the Malicious Domain Blocking and Reporting (MDBR) service, which can block the vast majority of ransomware infections by preventing the initial outreach to a ransomware delivery domain.
Visit HAI Group’s Cybersecurity Center for more free cybersecurity resources for public and affordable housing organizations, including online training to help employees identify and avoid cyberattacks.
Includes copyrighted material from a company under the HAI Group family, with its permission. this post is for informational purposed only and is not intended to provide legal advice, and shall not be relied on as such. We strongly recommend consulting with legal counsel or an appropriate subject matter expert.