Smart Buildings and Apartments: Balancing Opportunities and Threats

12.5% of all US homes used smart technology at the end of 2016, a number that is expected to grow to 28% by the end of 2021, according to media research group Kagan. As smart homes and buildings become a part of our daily lives, they can offer convenience, control, and other benefits. But they could also bring new, troubling risks for multifamily property owners and operators.

Better Living Through Technology

In a “smart home,” internet-connected appliances and services such as lighting and heat communicate with each other and with the owner and track important data. For example, WiFi-enabled lighting can be controlled through smartphone apps, while smart thermostats can help users monitor and reduce their energy use. Smart buildings offer similar benefits to property managers, including easier monitoring of security cameras, the ability to unlock tenants’ doors, and powerful data that can be used to generate cost savings. 

These technologies offer convenience, efficiency, and a perceived higher quality of life, and are thus in high demand, especially by younger renters. 44% of millennials would be willing to give up parking spaces to live in smart apartments, and six in seven would pay more to rent smart homes, according to lock manufacturer Schlage and Wakefield Research. 

But meeting the demands of renters must be balanced against potential security risks. Smart technologies could make multifamily properties prime targets for cyber-attackers. Through connected devices, WiFi networks, cloud systems, and mobile devices, attackers can disrupt important systems — for example, security, lighting, and HVAC systems — or steal tenants’ personal and financial information.  These events could result in liability or loss of income for property owners and operators. 

Managing the Risk of Cyber-Attacks

To manage these and other cyber risks, multifamily property owners should develop a comprehensive risk management plan. Consider including the following steps in this plan: 

• Assess and analyze your risk. Measure the maturity of your cybersecurity program and the threat environment and create an inventory of your cyber risks, including liability and first-party exposures. Then estimate the expected frequency and severity of cyber losses using available assessment and modeling tools or scenario-based analyses and prioritize risks for avoidance, mitigation, and transfer.

• Secure and insure. Create an inventory of Internet of Things (IoT) devices and ensuring proper configuration of devices, including changing default passwords, frequently backing up files, ensuring that software is kept up to date, and deploying patches on a timely basis. You should also educate employees about potential cybersecurity threats and best practices and review your insurance coverage, including cyber, property, and casualty policies. And consider conducting a gap analysis of coverage for priority risks.

• Respond and recover. Create and regularly test business continuity, disaster recovery, and response plans, and identify and retain external vendors, including forensics, legal, PR, and notification. 

By developing a sound plan, you can better ensure that you balance meeting tenants’ needs with your cyber resilience needs. And that’s especially important as multifamily properties increasingly make use of smart technologies to stay competitive and minimize potential losses.