Commercial Real Estate
4 Ways Commercial Real Estate Investors Can Practice Good Cyber Hygiene
You play a critical role in your business’ fraud prevention efforts. Use the tips below to lead by example in protecting yourself and your company from the ever-evolving threat of cybercrime.
One of your company’s biggest vulnerabilities to cyberattacks is also one of its most ubiquitous factors: personnel. When our modern dependence on technology to perform commercial real estate (CRE) activities—like collecting rent, paying vendors and managing portfolios—mixes with human error, cybercriminals have an opening to engineer attacks that can lead to millions of dollars in losses. Therefore, it’s important for businesses to practice good cyber hygiene from the top-down.
Here are a few key tips you can follow to help strengthen your business’ cyber readiness:
1. Recognize Cyber Red Flags
Hackers take advantage of people’s trust and helpful nature by employing social engineering techniques to get around cybersecurity protocols. Criminals can trick even the most experienced employees into performing actions or divulging confidential information via email, phone calls, social media and other interactions, which could lead to a compromise of business data or assets.
- Look out for these phishing email warning signs: poor grammar and spelling, urgent language, hyperlinks or attachments, fake logos, vague email addresses and missing or vague contact information.
- Don’t assume a request is genuine just because the requester knows information about you or your company.
- Don’t rely solely on email for authenticating wires. Call back to a verified phone number.
- Be cautious of clicking on any links or attachments sent to you in emails.
- If you’re a building engineer, commercial architect, property manager or someone else with privileged responsibilities, make sure your critical personal information isn’t publicly available online.
2. Clean up Your Mobile Device
The small computer that fits in your pocket has made life more convenient, but it also tracks who you are and where you’ve been, as well as information on your friends, family and other contacts. This can make you and your mobile phone a prime target for hackers.
- Use a six-digit lock code and enable biometrics (fingerprint or facial recognition) on your device.
- Review your apps and the type of data they collect and share with others; stop your phone and apps from tracking your location when they’re not in use.
- Enable tracking, controlling and wiping of your mobile device when not in your possession so that you can remotely erase all data if your phone is lost or stolen.
3. Protect Your Email Account
Hackers can attempt to gain access to your accounts by attacking email providers. It’s important to utilize your email provider’s security features as well as implement some of your own safeguards.
- Maintain separate accounts for business and personal use and don’t use them interchangeably.
- Enable multifactor authentication for employees accessing email remotely.
- Use an email encryption tool when transmitting sensitive information.
- Create “disposable” email addresses for websites that require an email as a user ID.
- If accessing your business email account from a personal computer, install anti-virus and anti-malware software with auto-updates.
4. Scrub Your Social Media Accounts
The personal information on your social media accounts could be used for social engineering efforts. For example, fraudsters can guess certain authentication vetting questions for your online accounts by learning personal information about your life online.
- Limit the amount of personal information you publish on social media, such as the names of your children, pets and schools you’ve attended.
- Report any suspicious activity or spam, which can come in the form of a post, message, email or friend request.
If you believe you’re being impersonated or targeted on a social media platform, immediately report it to the social media site and change your password.
In today’s world, cybersecurity is everyone’s business. Now that you know how to practice good cyber hygiene, you can help ensure that you and your CRE employees are able to spot and react swiftly to a fraud attack.
Alfred R. Brooks, Managing Director, Chase Commercial Real Estate
Alfred R. Brooks, Managing Director, Chase Commercial Real Estate
Alfred (Al) Brooks is the Head of JP Morgan Chase Commercial Real Estate. He is responsible for executing Commercial Banking's real estate strategy for Commercial Term Lending (CTL), Real Estate Banking (REB) and Community Development Bank (CDB). With a portfolio of $100 billion and annual originations exceeding $30.7 billion, Al maintains the largest multifamily portfolio in the nation. In addition, he is a member of the Commercial Banking Executive Committee and the JPMorgan Chase Real Estate Council.
