Do Multifamily Communities Need Cybersecurity? Yes, But Not Just For The Reason You Think
Most multifamily developers and owners don’t spend a lot of time thinking about cybersecurity. Why should they? Apartment internet networks aren’t like those belonging to world governments or banks. They don’t protect top-secret data dossiers or handle major financial transactions that malicious hackers would want to crack into.
But if they continue to brush off cybersecurity concerns, multifamily operators may be opening themselves up to a whole world of trouble.
Networks in multifamily buildings control a great deal of personal information about their residents, from names and passwords to more sensitive data, including video and audio streams from security cameras, webcams and smart speakers. If a cybersecurity breach puts that data into the wrong hands, the owner of the network could face hefty fines and lawsuits from tenants under the Digital Millennium Copyright Act.
“You can think ‘Oh, that doesn’t affect me,’ but the threat is real,” said Trey Lutrick, director of corporate strategy at Lumen. “There are lesser-known criminal activities that can happen over multifamily networks, encapsulating ransomware, sex crimes and malicious actors looking for a financial windfall or to get control over residents through sensitive data.”
Lutrick said that under the DMCA, multifamily owners can be held liable for illicit activity on their networks, even for something as simple as a resident torrenting videos or music illegally. More nefarious attacks, such as a hacker attempting to get personal information or footage of a resident could result in expensive and reputation-damaging legal action.
It is now common for multifamily owners to insure themselves against these kinds of breaches, Lutrick said. Most large multifamily operators in the country have policies that protect them in the event that residents’ personal data is stolen. But rather than just mitigating the fallout from a breach, owners can also work to prevent breaches by partnering with a broadband network that nips illicit activity in the bud.
“Multifamily operators aren’t set up to be IT gurus,” Lutrick said. “They look to their broadband provider to be that initial secure entry point into their networks.”
When multifamily owners bring broadband service from CenturyLink, which is now under the umbrella of Lumen Technologies, into their communities, they get all the systemwide security benefits of Lumen's global network. Simply by logging on to their building’s WiFi, residents receive base-level encryption, edge protection and compliance with latest-generation WPA3 security. This global network also “sniffs” traffic coming and going in a building, seeking out and blocking illicit access. In multifamily communities, Lutrick said, CenturyLink networks promote regular password refreshes and offer residents multifactor authentication and access to VPNs to add additional layers of security.
According to Lutrick, these precautions are enough to protect the majority of multifamily communities, insulating owners from embarrassing and costly breaches that can put resident data in the wrong hands. By stopping breaches in the first place, rather than just insuring against the inevitable, Lutrick said, owners can build a reputation for safety.
“Every CenturyLink network is going to come equipped with the lion’s share of the protection that multifamily owners need,” he said. “But there are definitely larger national clients who want even more protection.”
Lutrick described helping to build custom cybersecurity measures for some of the largest multifamily owners and developers in the U.S. As they would with any enterprise customer, Lutrick and his team built out tailored encryption and firewall strategies and protections against more concerted hacking efforts, like denial-of-service, or DDoS, attacks and those that exploit virtual Local Area Networks to bypass security.
Because Lumen provides broadband to departments of the U.S. government, Lutrick said, the company is on the front lines against cyberattacks, and the changes that CenturyLink makes for its largest users protect its smallest users, too.
These sorts of precautions are increasingly important as the multifamily technology landscape becomes more complex. Smart devices from thermostats to security cameras are proliferating, each one providing a separate node that could let a hacker access a multifamily building’s wider systems. And while Internet of Things devices — like the Google Home and Amazon Echo — have immense cybersecurity protections already, Lutrick said hackers are constantly pushing the limits of security of these voice recognition products, hoping to find a vulnerability to exploit.
But Lutrick stressed that cybersecurity concerns shouldn’t dissuade multifamily owners from installing new technologies that could help bring in new tenants and boost their net operating income. Instead, owners should invest in whatever technologies they like, but with clear eyes about the cybersecurity issues that face them and a parallel investment in a secure digital backbone.
“You may not be a target today, but no one can say what’s coming down the road tomorrow,” Lutrick said. “This is not just something you can lower your guard on, because the only time you know you didn’t protect yourself well enough is after something has gone wrong.”
This feature was produced in collaboration between the Bisnow Branded Content Studio and CenturyLink Connected Communities. Bisnow news staff was not involved in the production of this content.