According to the “2018 Survey of Cybersecurity in Community Associations,” released by the Foundation for Community Association Research, 56 percent of community associations have policies and procedures in place to collect, store, and protect homeowners’ personal data. This critical report was presented at CAI’s 2018 Annual Conference and Exposition in Washington, D.C.
As more security and data breaches occur in the U.S., states are amending and adopting laws governing the protection of personal and financial information and how breaches in these areas must be reported and addressed. In 2018, the Foundation surveyed more than 600 community association managers, board members, and the professionals who support associations to identify the risks and liabilities associated with using technology to conduct association business.
According to the Foundation’s research, ransomware and phishing are the most common forms of attack on community associations. More than half of the communities surveyed reported that fraud and theft are their top concerns. Additionally, 92 percent report that their community associations use software management programs, and nearly half of respondents indicated that cost and program compatibility are the most common considerations when selecting financial software.
The research also shows that 56 percent of associations have adopted policies to protect privacy information, and the overwhelming majority continue to store hard-copy documents like contracts, financial and payment data and records, and resident contact information.
“As technology continues to consume every aspect of our daily lives, there’s not one sector of our economy that’s safe. Community associations and the residents who live and work in these communities are no exception,” says David Jennings, CAE, SHRM, the Foundation’s executive director. “This new research helps us establish a baseline of awareness that will be used to develop tools to educate community association leaders about cybersecurity issues arising from social media, community websites, and third-party payment portals.”