Real Estate IT Services
Real estate is the largest asset class in many U.S. areas, and partners with multiple vertical services for each transaction. Those services include title, financial lending, insurance, appraisal, and inspection.
As a real estate professional or brokerage, you require robust real estate IT services to protect yourself from the outside world, but have you considered the impact of poor cybersecurity management by vertically integrated services that you trust?
Managing supply chain cybersecurity without the proper tools bears apparent challenges for real estate IT services teams. The key is to create a compliance framework that adheres to accepted real estate IT support practices upon which all sides can agree. Remember that to gain cooperation in cybersecurity compliance, you must offer it in return. The result of evaluating a supplier should be a “cyber trust score” to quantify security resilience.
Cybersecurity compliance framework components should include assessments of the following:
Email Security.
A solid real estate IT services team will understand that email security should include link and attachment scanning, anti-malware, and security awareness training to keep agents abreast of the latest phishing tactics. All too often, the weak link is human, not digital.
Network Security.
Network security, in the real estate IT support realm, should include a business class, penetration-tested firewall, healthy physical controls such as restricted building access and audible alarms, and regularly scheduled security assessments.
Device Security.
Endpoints should have malware protection and host-based firewalls, monitored by a competent real estate IT support company, in addition to being patched on a regular, frequent basis. Device standards should be in place, such as those having supported operating systems.
However, for many brokerages, external threats are not confined to the supply chain. Because agents are technically independent contractors and therefore separate companies, they and their assistants are allowed to use personal devices with varying degrees and cyber protection brands. This policy decentralization spells danger for both management and the agents by increasing liabilities unnecessarily. While such a model may have been attractive in past years, it’s no longer feasible from an real estate IT services standpoint and leaves too much at risk.
We recommend that brokerage CTOs work with management to revamp agent agreements to enforce device standards and security levels implemented by an expert real estate IT support team. The cost of a data or financial breach could be much higher than the repercussions of contractual enforcement.