To protect the privacy of our members and safeguard Acacia Valley HOA‘s strategic vision, members of the HOA agree to abide by our home device security policy (HDSP).

To ease compliance with this policy, the HOA provides a variety of 🔒 cyber education resources in the members area of the wiki.

To mitigate the community’s exposure to spam, computer viruses, phishing attacks, and leaks of personally identifiable information, members of the HOA are required to regularly update the software on all personal devices. This includes both operating systems (such as iOS and Ubuntu) and the applications (such as Safari and LibreOffice) installed on the system.

IoT devices are internet-connected appliances such as toasters, microwaves, and the like that may offer additional convenience features compared to their offline counterparts. HOA members may use IoT devices that follow commonsense cybersecurity best practices, such as releasing their source code under an open-source license and minimizing telemetry. Most commercially available smart speakers, such as Amazon’s Alexa, do not meet this baseline.

Smart doorbells and external security cameras are allowed as long as they follow commonsense security practices, such as storing data locally (rather than uploading data to the cloud, which could compromise the privacy of homeowners and their neighbors) and automatically deleting data after a period of time.

The HOA board is not aware of any smart doorbells that currently meet these requirements.

The HDSP smartphone application whitelist (“app list”) is a list of smartphone applications that have been approved for installation and usage on member smartphones and smart devices. Members are not required to own a smartphone, but for those who do, access to HOA resources such as email and wiki editing is, in principle, contingent on compliance with the app list. Examples of allowed applications include:

• ✅ K-9 Mail, an email client for Android recommended for use with HOA email accounts.
• ✅ Syncthing, a file-syncing app (desktop and mobile clients).

The HDSP makes no formal distinction between apps that have been explicitly rejected for inclusion in the app list and apps that have not yet undergone a security evaluation (that is, there is no “blacklist”). Examples of applications not on the app list include:

• 🚫 Controlio, advertised as “a platform that tracks and analyzes employees’ productivity, user behavior, and screen activity on PCs remotely.” A 2024 security evaluation of this app by the board concluded that Controlio does not meet the HOA’s requirements for privacy and security, and thus Controlio may not be installed on devices owned by HOA members.
• 🚫 Flo, a period-tracking app that was formally sanctioned by the United States Federal Trade Commission in 2021 over misleading statements about its data-sharing practices. The HOA‘s board has yet to produce a security evaluation of the latest version of Flo; thus, as of this writing, Flo is not on the app list and therefore may not be installed on member-owned devices.

As a security mitigation, the full app list is not published online. You may inquire about whether a specific app is whitelisted, or request a security evaluation for a new app, by contacting the secretary.