.jpg)
Modern cybersecurity challenges are not always about adding new tools. For many housing organizations, modernizing systems that support daily operations is a priority, especially as technology continues to evolve and infrastructure demands increase.
At the Columbus Metropolitan Housing Authority (CMHA), that meant taking a comprehensive approach to strengthening their technology environment, not only to improve security but also to enhance reliability, performance, and access for both staff and the community. Rather than addressing individual systems one at a time, CMHA focused on building a stronger, more resilient foundation that could support long-term operations and reduce risk across the organization.
A comprehensive approach to modernization
CMHA launched a multi-year cybersecurity and technology modernization effort to improve system reliability, strengthen security, and support long-term sustainability. Rather than relying on incremental updates, the team designed a coordinated approach that addressed infrastructure, access, and end-user systems together.
The project included several key components:
-
Cloud migration: Core systems were moved from on-site servers to a Microsoft Azure cloud environment, improving system monitoring, scalability, and overall resilience.
-
Network and access improvements: Internal networks were strengthened with updated configurations and tighter access controls to better protect sensitive systems and limit unauthorized access.
-
Backup and recovery enhancements: Updated backup and disaster recovery capabilities were implemented to ensure critical systems and data can be restored quickly in the event of an incident.
-
System modernization: Outdated servers and legacy systems were retired or replaced, reducing complexity and eliminating older technologies that are harder to secure and maintain.
-
Community computer lab upgrades: Computer labs used by residents were refreshed with updated hardware and configurations, providing safer, more reliable access to digital tools and resources.
Together, these improvements created a more consistent and manageable technology environment, improving how systems are secured, maintained, and supported across the organization. Vice President of Information Technology Yuhma Koh leads these efforts, focusing on protecting sensitive data, improving system performance, and reducing organizational risk.
"The project was driven by aging infrastructure, increasing cybersecurity risk, and the operational challenges of maintaining legacy systems," Koh said. "Modernizing our environment was a proactive step to reduce exposure, improve resilience, and better protect agency and resident data."
What other housing organizations can learn
For housing authorities considering similar efforts, Koh recommends viewing cybersecurity as an operational priority.
"Cybersecurity should be framed as an operational risk issue, not just a technology upgrade," he said. "Clearly articulate how legacy systems create exposure, how modernization reduces that risk, and how the investment protects both financial and community interests."
CMHA’s experience also shows that large-scale improvements do not have to happen all at once. Starting with key priorities and building momentum over time can lead to meaningful, lasting improvements.
Additional cybersecurity resources
Looking to strengthen your organization’s cybersecurity approach? Explore these additional resources from HAI Group Cybersecurity Resource Center:
- Free Resources: Cybersecurity Awareness Month 2025
- Housing Risk Guide: Email Security
- Housing Risk Guide: Cybersecurity in Affordable Housing
- Don’t Get Hooked: What Housing Organizations Need to Know About Social Engineering Attacks
- Create a Cyber Incident Response Plan to Protect Your Housing Organization
