Cybersecurity checklist for property management companies

Joe Parish

By Joe Parish

09 August 2021

Did you know almost half of all cyberattacks are targeted at small businesses, most of whom lack the tools to protect themselves and their clients or have no idea how to respond? All it takes is one member of a team to be hacked, and the assailants will have access to the entire company’s sensitive information. While hackers have traditionally been characterised as moody teenagers in their mother’s basement, the reality is that hacking is a part of organised crime which costs businesses millions of pounds each year.

Fixflo has put together a handy checklist of the most obvious ways property management companies can improve their cybersecurity and protect themselves and their clients against hacking.

Have you identified all of the devices your company is using?

Do an inventory of all your devices, including everything from the mobiles of your lettings team to your printers. You need to know what you’re protecting and where the leaks could spring from.


Have you updated all systems and your website?

Keeping your systems regularly updated is the first point of call for all cybersecurity and boosts your immunity against hackers by reducing the number of ways they could access your data.


Have you secured your website?

Run protection software to find weaknesses in your website and protect it from unauthorised entry.


Have you encouraged your lettings team and your clients to use strong passwords?

You’d be amazed at how many people use the same one-word password for everything. Once that password has been guessed, a hacker could use it to access all sorts of systems, software and data. Choose strong, hard-to-guess passwords and change them regularly. Consider using a password generator, which will assign a random selection of letters and numbers whenever you need to create a password.


Do you offer two-factor authentication?

Two-factor authentication (2FA) offers an extra layer of protection against hacking by requiring an additional piece of information to be provided alongside the password. This is often a code sent to the user’s mobile phone. This means that even if a hacker has been able to guess the password of your computer systems, they still won’t be able to gain access.


Are your staff trained in how to avoid phishing?

Remember: it only takes one staff member to click on a fraudulent link to allow a hacker access to an entire organisation. Do they know not to click on suspicious links and that they should check addresses and URLs from senders carefully?


Have you installed anti-virus software?

This should be updated regularly too. Updates can usually be configured to download and install automatically.


Are you backed up?

Do you have a copy of your data stored separately from your devices? Is your external backup data up-to-date and, once this data has been backed up, unplugged and stored securely at night?


Are your emails protected and authenticated?

Are you sure they’re landing in inboxes, not junk mail? Could a sender impersonate you? Emails are one of the biggest components of your company brand, and you need to take extra care to protect them.

This checklist is by no means exhaustive but should go some way to protecting your company against hackers. And rest assured, Fixflo definitely practises what it preaches. We have fully trained staff, who’ve all been quizzed and drilled about their passwords, and we use two-factor authentication to ensure user logins and data is secure.


Electronic signatures are a common part of today's technology-driven industry. Read our Quick Guide to Electronic Signatures for Property Professionals produced with JMW Solicitors and learn best practices for using digital signatures, including security and they are best to use.

New call-to-action


This article is intended for information purposes only and does not constitute legal advice. If you have any questions related to issues in this article, we strongly advise contacting a legal professional.
These blog posts are the work of Fixflo and are licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. In summary, you are welcome to re-publish any of these blog posts but are asked to attribute Fixflo with an appropriate link to Access to this blog is allowed only subject to the acceptance of these terms.

Joe Parish

By Joe Parish

09 August 2021

Be the first to hear about new content for property managers

eBooks and webinars, always free

  • Data-driven industry insights
  • Compliance and legal updates
  • Property management best practices