Our Services

Vulnerability and Risk Assessments: Identifying Weaknesses in Your Cybersecurity Defenses and that you are meeting compliance requirements

Cybersecurity Services: 24x7 proactive security monitoring and response. Rest easy knowing that your systems are protected around the clock

Managed IT Services: FTC Safeguards compliant, proactive and responsive IT services that keep your systems running, delivered by our friendly, local technicians and engineers

Cybersecurity and IT Services

Protect Your Systems and Keep Them Operational With Our Responsive, Reliable and Proactive Services

Secure Managed IT

Managed Services done for you! Are you tired of being treated as just another customer? Try out our responsive, reliable and proactive services backed by the power of former government cyber operatives.

FTC Safeguards and HIPAA Compliance

Compliance Made Easy! We take care of everything for you to ensure that you are in compliance with the FTC Safeguards Rule and HIPAA with our easy to follow checklists.

Incident Response Services

Does your business need an incident response plan for compliance? Don't know where to turn? We can help you create a customized plan and practice it quarterly. Our friendly, knowledgeable, local experts are standing by to help!

Security Awareness Training

Does your business need to deploy a security awareness training solution? We offer a customizable package that can be tailored to your business' specific needs, Call us today to speak with one of our friendly local experts!

Servers, Desktops, Laptops

Need new servers, desktops or laptops? We've got you covered. As a Dell reseller, we can help you get what you need without breaking the bank.

Secure Cloud With Microsoft365

Your business and customer data needs to be secured against cyber criminals. Allow us to manage your Microsoft365 environment for secure digital storage and communications with EntraID, InTune, Defender, Office365 and more.

Outdated Phones? Switch to VoIP

Upgrade your phone system to VoIP and get new phones every three years. Never be outdated again! We work with several vendors and provide you with a customized solution that meets your business' unique needs.

Need a Firewall for Compliance?

Still using that insecure router your ISP installed? Quit paying extra and purchase your own secure gateway and sleep comfortably at night. We can customize a solution for your specific needs that stop attackers cold!

Cybersecurity Risk Assessments

Does your business need a cybersecurity risk assessment to comply with your insurance provider? We can help. We work with over 40 reputable cyber insurance companies

Looking for Our Realtor Package?

Are you an independent contractor working for a real estate firm? Our IT and cybersecurity package is customized just for you. Chat with one of our friendly local experts today!


Don and his team are extremely professional, highly competent and fairly priced -- everything you could ask for in a tech partner.

Image

★★★★★

Josh B


Don was very knowledgeable, They completed my network and set it up lighting fast.

Image

★★★★★

James H


Very professional and always on time!!!

Image

★★★★★

Matthew G



It was such a pleasure to work with Cyber Security Hawaii. They were quick with a quote and able to schedule my work around our construction schedule. They were very responsive and the work they performed was exactly as requested. Excellent technicians and reasonable pricing.

Image

★★★★★

Joy H

Latest Blogs For Cybersecurity

City Skyline on Water with boats

FTC Safeguards For Property Management Companies - What You Need To Know

September 06, 20245 min read

Property management companies handle far more than just keys and leases. They're engaged in invoicing, collecting rent payments, holding escrow payments and handling significant sums of money on behalf of property owners. These financial activities, along with the sensitive personal and financial data they manage, firmly place them under the purview of the Federal Trade Commission's (FTC) Safeguards Rule. Moreover, the National Association of REALTORS® (NAR) classifies property management as outside the scope of traditional real estate activities, further solidifying their inclusion under these regulations.

Let's delve into why these companies are prime targets for cybercriminals and how proactive cybersecurity measures can be a financial lifesaver.

Why Property Management Companies Are in the Crosshairs

Property management companies are particularly attractive to cybercriminals due to the nature of their data. They store personally identifiable information (PII) of tenants, financial transaction records, and sensitive property details. A data breach could lead to identity theft, financial fraud, and reputational damage, not to mention hefty fines for non-compliance with the FTC Safeguards Rule.

Busting the Cost Myth: Cybersecurity as a Competitive Advantage

Cybersecurity is traditionally viewed as a cost center. While this is traditionally true, it can also be a competitive advantage if your competition is not implementing it. Additionally, the costs can be offset by savings on your cyber insurance for having the proper protections in place. Most businesses "feel like" they are safe. But things have changed, and cyberattacks are way up. No business is safe anymore.

Key Requirements of the FTC Safeguards Rule

The FTC requires companies performing financially related services that are not covered under Banking regulations, such as property management, to implement a written IT Security Program and designate an employee of the company as the administrator of the program. This employee will either have to be the IT person or a liaison between the company and an IT vendor.

The FTC Safeguards Rule outlines several other key requirements, with data protection being of the utmost priority:

  • Govern:

    • Establish policies and procedures for ongoing management of the IT security program.

    • Have a written Incident response plan

    • Implement security awareness training for all employees

    • Conduct quarterly roundtable exercises to practice for a cyber incident such as a ransomware attack and executing the IRP.

    • Regularly review and update policies and procedures as needed to adapt to evolving threats.

  • Cybersecurity Risk Assessments: Conducting regular risk assessments (at least twice a year) is like performing due diligence on a building purchase. It helps an MSP assess your company's security posture at a certain point in time, identify vulnerabilities, and prioritize security efforts, leading to an action plan for FTC Safeguards compliance that is customized to your business.

  • Identify Objects: Identify and categorize all the "objects" that need protection. This includes anything that holds information, be it electronic (servers, laptops, cell phones) or physical (filing cabinets, storage locations, document destruction repositories). It's also important to identify online SaaS applications like property management software, email and document storage and file sharing sites.

  • Protect: Implement security measures to safeguard your objects and data. This includes encryption, access controls, firewalls, and secure data disposal practices. Ensure third-party vendors also have written robust security measures in place. Some common ways to proactively manage objects and data include:

    • Remote management and maintenance software (RMM)

    • AI-infused security software capable of detecting suspicious behaviors like ransomware attacks or unusual logins and executing an automated response to stop it

    • File-level encryption, both on devices and online applications

    • Monitoring logins and limiting file access

    • Conditional access per device or IP address to Email and Document Storage and file sharing sites

  • Detect: Deploy tools and technologies to detect security anomalies and potential breaches. This could include intrusion detection systems, log monitoring, and vulnerability scanning. AI is making headway in the security world and offers a huge advantage in detecting suspicious behavior, like malware installation from phishing emails. AI can also detect and respond to attacks that often take months to deploy, like those involving financial transactions or ransomware.

  • Respond: Have a plan in place to respond to security incidents swiftly and effectively. This involves:

    • Contacting your cyber insurance carrier and law enforcement

    • Hiring a forensics team, data mining company, and breach coach

    • Consulting a lawyer to protect you from liability and lawsuits

    • Containing the breach, notifying affected parties, and taking steps to prevent future incidents.

Don't Let Cost Be a Barrier: The True ROI of Cybersecurity

The cost of a breach extends far beyond the cyber attack itself. Consider the following expenses:

  • Hiring a forensics team, data mining company, and breach coach

  • Legal fees to defend against lawsuits and potential liability

  • Lost productivity and business disruption

  • Damage to your reputation and loss of customer trust and revenue

The cost of fines for not being FTC compliant is currently around $52,000 per day. Additionally, when an attack happens, your company will incur significant costs, and your insurance claim might be denied if you lack proper protections. On top of that you may suffer downtime (the average is 15-20 days according to the federal agency overseeing Cybersecurity, CISA)

Cybersecurity compliance is an investment, not an expense. By taking proactive steps to protect your data, you can avoid the devastating financial and reputational consequences of a data breach. Remember, the cost of compliance is far less than the cost of a breach.

If you're unsure where to start or need help navigating the complexities of the FTC Safeguards Rule, don't hesitate to seek expert guidance. Take advantage of our free 15 minute IT strategy session which you can book here --> https://strategy.cybersecurehawaii.com

ITsecurityIT services oahuMSP OahuManaged services oahucybersecurity Oahu
blog author image

Don Mangiarelli

A 25 year veteran of the IT industry heading a cybersecurity focused Managed Services Provider/IT services provider. Our reliable and responsive services are backed by the power of former government cybersecurity operatives. Our mission is to keep you protected and operational so you can focus on your business.

Back to Blog