Security audit checklist
Let’s face it, cyber-security is one of the greatest concerns people have when choosing to do their business online. At Zego, we earn trust by adhering to strict compliance rules and best practices that are designed to protect and safeguard customer data.
Is your company doing everything it can to protect resident data? Take a page from our book, and review our Security Audit Checklist to ensure you are applying these security measures at your business:
- Install office security cameras to prevent theft. A closed-circuit camera system is best.
- Safeguard your resident/client files. Install a key card access system for secure file areas and limit access only to those people who have a business reason to see client files.
- Train your employees to not leave client files on their desks unattended.
- Update your employee training manual to include computer usage policies and procedures.
- Install a reputable antivirus/malware program on all employee computers and configure it to run a daily scan.
- Require employees to use strong passwords on your computers and systems. Passwords should be at least 7 characters long and contain at least one special character and number. Make it a policy that passwords should not be shared or written down, and that they should be changed regularly.
- Check each prospective employee’s professional references.
- Budget accordingly to add background checks to your hiring process. You can choose the investigation level needed per position, but at a minimum, a criminal background check should be performed for each employee.
- Set up training for your employees on key computer systems, such as accounting software and online payment systems. An employee is more likely to use and recommend a service they are familiar with.
- Ask your vendors to conduct training sessions on the latest updates to their systems.
- Stop storing complete credit card numbers! Only store the last 4 digits and credit card type.
- Don’t store Social Security numbers either!
- Verify that any third-party service provider who handles cardholder data has a valid PCI compliance certification.
- Stay abreast of changes to laws and regulations, which can change without notice. Frequently visit your state department of real estate website, the National Apartment Association (NAAHQ.org > Learn > Government Affairs) and the National Association of Property Managers (NARPM.org > Legislative). Stay in touch with your local affiliates, too!