Strataleaks - why you MUST lock your website | Another day in paradise | Flat Chat Forum: Your Questions Answered




A A A

You must be registered and logged in to reply to posts or post new topics. Click on "How to Use This Forum" for simple instructions on how to get on board. NB: Please do not use your real name or email address as your screen name - if you do it will be changed to something less insecure.

Avatar

Please consider registering
Guest

Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Register Lost password?
sp_Feed sp_PrintTopic sp_TopicIcon
Strataleaks - why you MUST lock your website
sp_BlogLinkWhite Read the original blog post
Avatar
JimmyT
Admin
Forum Posts: 4706
Member Since:
06/01/2014
sp_UserOfflineSmall Offline
1
10/04/2018 - 4:50 pm
sp_Permalink sp_Print

A few weeks ago we discussed in Flat Chat in the Australian Financial Review whether or not it’s a good idea for your building to have some sort of internet platform where your ‘community’ can meet online.

I’m all for websites and Facebook pages – they’re great, but they do have a potential downside. Imagine all the anonymous trolling and flaming that you read about on Facebook and Twitter, with the added spice that the online combatants could bump into each other in the car park.

‘Aha! So you are Barbieburner105!’

‘OMG! You must be Carscratcher88, damn your emojis!’

Of course, this is less likely to happen if you use a password and login system to make sure the (ab)users are identifiable and responsible for their comments.

Passwords also protect the privacy of residents who don’t need the world to know that they’ve been caught hanging their smalls on an illegal balcony washing line.

More seriously, they are your first line of defence against legal action. Even heated discussions made within a strata community attract qualified exemption from defamation suits. But one condition is that they haven’t been published to the outside world.

Years ago when my own block launched its website, I suggested a residents-only password protection, but that was contemptuously dismissed with the airy comment that once something was on the internet it was ‘out there’.

This is, of course, poppycock. But then ANY idea promoted by yours truly had to be dismissed by the powers that be in case anyone in the building got the idea that they didn’t know what they were doing.  Had I been a responsible strata citizen I would have just shut up and hoped they would have stumbled upon this glaring omission themselves.

Anyway, moving on, recently one of those weird coincidences that you wouldn’t believe in a detective novel (even one of mine) occurred.

A regular on the Flat Chat website, seeking a precedent in a common property issue, Googled some key words that led her to committee minutes from my block.

Completely unaware of the connection, she then provided a link that made the unprotected minutes publicly available. Not only were the owners in the specific legal wrangle identified, so were other residents involved in various disputes.

Luckily, I was on hand to take the Flat Chat link down almost immediately, and duly reported back to our committee about their interception.  We are now getting a password protected firewall to keep prying eyes away from our secrets. Hurrah!

I mention this only because it shows how easy it is to be caught out when you ignore basic cyber security.

So what should they have done back at the beginning? And what should you do if you have a website for your block?

You could provide all your residents with passwords and usernames, or get them to register and create their own. Given the normal churn of owners and renters, you might issue new passwords every three months or so.

Or you could use a proprietary package like Stratabox to provide all the bells and whistles.  Either way, it’s worth the effort. A website is a terrific way of bringing communities together.

But, if you don’t take sensible precautions, it’s also a highly efficient way of exposing your neighbours to all sorts of cyber abuse, legal dangers and privacy issues.

Avatar
Arn
FlatChatter
Members
Forum Posts: 5
Member Since:
11/12/2016
sp_UserOfflineSmall Offline
2
12/04/2018 - 4:16 pm
sp_Permalink sp_Print

The biggest challenge for electronic communication after locking it off is the effort of maintenance and editing, this is a major task not only in constant monitoring but keeping it up to date. It’s this that has made me hesitate in starting a communication forum for our building despite the desperate need for open and effective communication. I would love to get examples from other buildings where it works In a way which doesn’t destroy the life of the editor.

Avatar
tharra
Flat(chat)Mate
Members
Forum Posts: 92
Member Since:
09/10/2012
sp_UserOfflineSmall Offline
3
13/04/2018 - 2:18 pm
sp_Permalink sp_Print

Arn said
I would love to get examples from other buildings where it works In a way which doesn’t destroy the life of the editor.  

Simple email lists work for us. We have a hosted “website” which includes mailman mailing lists. There are varying levels of paranoia surrounding the lists. One for residents is “public” but moderated – subscribers can add/delete themselves, only a few people can post. Our building management post items such as window cleaning, water/power outages, up & coming meeting dates etc etc etc. Other mailing lists are restricted access for committee/building management. We don’t archive the mailing list posts on the web site but individuals do in their chosen mail programs.

Mailing lists have a very low barrier to entry for both the people posting & on the receiving end. & the huge advantage – it’s a push mechanism – no one has to remember to visit a site for info. & for me, the IT bod on our committee, it’s very low maintenance.

As for info flowing from the residents to us, we encourage people to email any thoughts/issues & we have a log book at the front desk out of its staffed hours & anyone is welcome to attend our SC meetings. We have soft drinks, wine & nibbles to encourage attendance. It may or may not work for SC members as well. 😉

Avatar
JimmyT
Admin
Forum Posts: 4706
Member Since:
06/01/2014
sp_UserOfflineSmall Offline
4
16/04/2018 - 7:07 pm
sp_Permalink sp_Print

My strategy, if I were starting from scratch, would be to get three residents who can commit time to monitoring the Facebook page or website.

Between you, devise a set of rules and guidelines covering the kind of content you want on the site (no swearing, no personal attacks, no commercial advertising, for example)

Then monitor posts using those benchmarks and have a quick consultation on anything you found potentially unacceptable or offensive.

Then, if you did censor material, have a set response that explained why.

Moving forward, be ready to recruit anyone who was keen to lend a hand as there will be a turnover of ‘editors’ over time.

Avatar
Stratabox.com.au
Moderator
Members

Full Members
Forum Posts: 21
Member Since:
23/05/2016
sp_UserOfflineSmall Offline
5
19/04/2018 - 1:53 pm
sp_Permalink sp_Print

Happy to give you a demo of Stratabox, which includes push email but also keeps an archive on the site, as well as segregated access to Residents, Owners and SC members. You can also share admin privileges between several people, but once the initial setup is done, maintenance is minimal. We now have over 60 buildings using it and it has really helped them with engagement.

There is little sense in every single scheme reinventing the wheel on this when you can get purpose-built, enterprise grade software to do it for you.

Scale also enables us to innovate as well as ensuring maximum levels of security including encryption, intrusion detection and regular backups.

Avatar
JimmyT
Admin
Forum Posts: 4706
Member Since:
06/01/2014
sp_UserOfflineSmall Offline
6
26/04/2018 - 6:21 pm
sp_Permalink sp_Print

If I can just hop in here, being a bit of a secret geek, I have over the years taught myself how to build a website and edit images and audio, attempt animation and build a script-writing template for Word.

One thing I have discovered through all that is that it’s a lot easier and more productive to let someone who knows what they’re doing do the heavy lifting and just pay them.

OK, you don’t have the fun of creating something from scratch but you do have the time to go and have fun in other ways.

Forum Timezone: Australia/Sydney

Most Users Ever Online: 518

Currently Online:
20 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

kiwipaul: 584

struggler: 458

Austman: 323

Billen Ben: 205

Millie: 202

Cosmo: 182

considerate band fair: 160

FlatChatFan: 140

Kangaroo: 140

daphne diaphanous: 136

Newest Members:

mehulkhot

TinMan

Shivraj Jadhav

RoseLane

ankurajha

Trmcb

Abhjit

Erte

Flem1ngton

BarbCS

Forum Stats:

Groups: 3

Forums: 40

Topics: 4520

Posts: 21692

 

Member Stats:

Guest Posters: 242

Members: 5276

Moderators: 5

Admins: 1

Administrators: JimmyT

Moderators: Whale, Sir Humphrey, scotlandx, Lady Penelope, Stratabox.com.au