Sign up for our Newsletter
Keep up to date with the latest IT news, tips and guides from Dragon IS and sign up here:
Trusted and Proactive IT Support and Managed IT Services
Despite strict new data protection rules that came into force in May 2018, a YouGov poll has revealed only 35% of small and medium sized businesses have a basic data protection policy and those working in real estate are the least likely to have cyber security measures in place.
According to Lionel Naidoo, director at Dragon Information Systems, this leaves agents vulnerable to attack and could also see them landed with hefty fines for non-compliance.
Lionel explains: “The General Data Protection Regulation (GDPR) came into force a year ago and with it came the risk of substantial financial penalties for businesses whose systems are not up to scratch. We are now starting to see the first fines being dished out and this should act as a wake-up call for any estate agencies who have yet to take action.”
He continued: “When you’re a small team with limited time and resources, data protection may be far down your to-do list, while you concentrate on the day job – selling properties. But it’s a very risky strategy to take, especially with cyberattacks on the rise. A breach could not only hit you financially, but also damage your reputation, which could have long lasting implications for the business.”
The Cyber Security Breaches Survey 2019 shows that already this year 32% of businesses have identified breaches or attacks. The most common form being phishing emails (80%), others impersonating the organisation online (28%), and viruses or other malware, including ransomware (27%). The average cost to businesses who lost data or assets following a breach is reported as being £4,180.
Lionel continued: “When we first start working with estate agents, they often don’t fully appreciate the dangers and how best to manage them. Our advice is to treat data protection as you would any other legal requirement.
“For example, you are required by law to take copies of passports and other important identification for money laundering purposes. You can’t make a sale without them. How you store and manage that data – which would be highly prized on the dark web as it is an easy route to identity fraud – is just as important an obligation.
“You have a duty of care to protect it, and that means having robust systems in place and providing training for team members, so they understand the importance of data security and how it applies to them day-to-day.”
Here is Lionel’s advice for estate agents, on data protection and getting GDPR compliant: