If they continue to brush off cybersecurity concerns, multifamily operators may open themselves up to a whole world of trouble.
Networks in multifamily buildings control a great deal of personal information about their residents, from names and passwords to more sensitive data, including video and audio streams from security cameras, webcams and smart speakers. If a cybersecurity breach puts that data into the wrong hands, the owner of the network could face hefty fines. Not to mention lawsuits from tenants under the Digital Millennium Copyright Act.
“You can think, ‘Oh, that doesn’t affect me,’ but the threat is real,” said Trey Lutrick, director of corporate strategy at Lumen. “There are lesser-known criminal activities that can happen over multifamily networks, encapsulating ransomware, sex crimes and malicious actors looking for a financial windfall or to get control over residents through sensitive data.”
Under the DMCA, multifamily owners can be held liable for illicit activity on their networks. This could be something as simple as a resident torrenting videos or music illegally. More nefarious attacks could result in expensive and reputation-damaging legal action. This includes a hacker attempting to get personal information or footage of a resident.
It is now common for multifamily owners to insure themselves against these kinds of breaches, Lutrick said. Most large multifamily operators in the country have policies that protect them if residents’ personal data is stolen. Rather than just mitigating the fallout from a breach, owners can also work to prevent breaches. Owners can partner with a broadband network that nips illicit activity in the bud.
“Multifamily operators aren’t set up to be IT gurus,” Lutrick said. “They look to their broadband provider to be that initial secure entry point into their networks.”
When multifamily owners bring broadband service from CenturyLink, which is now under the umbrella of Lumen Technologies, into their communities, they get all the systemwide security benefits of Lumen’s global network. Simply by logging on to their building’s WiFi, residents receive base-level encryption, edge protection and compliance with latest-generation WPA3 security. This global network also “sniffs” traffic coming and going in a building, seeking out and blocking illicit access. In multifamily communities, Lutrick said, CenturyLink networks promote regular password refreshes and offer residents multifactor authentication and access to VPNs to add additional layers of security.
According to Lutrick, these precautions are enough to protect the majority of multifamily communities. They can insulate owners from embarrassing and costly breaches that can put resident data in the wrong hands. By stopping breaches in the first place, rather than just insuring against the inevitable, owners can build a reputation for safety.
“Every CenturyLink network is going to come equipped with the lion’s share of the protection that multifamily owners need,” he said. “But there are definitely larger national clients who want even more protection.”
Lutrick described helping to build custom cybersecurity measures for some of the largest multifamily owners and developers in the U.S. As they would with any enterprise customer, Lutrick and his team built out tailored encryption and firewall strategies. They also built protections against more concerted hacking efforts, like denial-of-service attacks and those that exploit virtual Local Area Networks to bypass security.
Because Lumen provides broadband to departments of the U.S. government, Lutrick said, the company is on the front lines against cyberattacks, and the changes that CenturyLink makes for its largest users protect its smallest users, too.
These sorts of precautions are increasingly important as the multifamily technology landscape becomes more complex. Smart devices from thermostats to security cameras are proliferating, each one providing a separate node that could let a hacker access a multifamily building’s wider systems. Internet of Things devices — like the Google Home and Amazon Echo — have immense cybersecurity protections already. But hackers are constantly pushing the limits of security of these voice recognition products, hoping to find a vulnerability to exploit.
But Lutrick stressed that cybersecurity concerns shouldn’t dissuade multifamily owners from installing new technologies. These new technologies could help bring in new tenants and boost their net operating income. Instead, owners should invest in whatever technologies they like, with clear eyes about the cybersecurity issues that face them. They should also have a parallel investment in a secure digital backbone.
“You may not be a target today, but no one can say what’s coming down the road tomorrow,” Lutrick said. “This is not just something you can lower your guard on. The only time you know you didn’t protect yourself well enough is after something has gone wrong.”
This article was originally posted on https://www.bisnow.com/blogs/quantumfiber on November 16, 2020. It was produced in collaboration between the Bisnow Branded Content Studio and CenturyLink.