Interview with AppFolio’s Fredrik Valeur, Chief Security Architect

Last modified on June 24th, 2024

Please tell us a little bit about yourself.
I am originally from Norway and I came to the United States my second year in college as an exchange student. I met a professor here that I really liked and he basically convinced me to extend my stay. So, I finished up my Norwegian degree and then came to UCSB and completed a PhD in Computer Security. While I was at UCSB, I met my wife, and we made Santa Barbara our home. I finished up school and built a start-up company with one of my professors. We made a security hardware device that we tried to sell and it didn’t really take off but it was an interesting project.

What made that project interesting?
We were actually contacted directly by the Secretary of the State of California to see if we could hack into electronic voting machines, they wanted us to check the security of the machines and then write a report. We ended up making a virus that could spread from a USB stick and go into the voting machines and steal votes. The results were so good that the Secretary of the State of Ohio then hired us to do the same thing. In both cases, there were restrictions imposed on electronic voting machines after our findings.

What is your role at AppFolio?
I am the Chief Security Architect and I am responsible for making sure that the application and data centers are secure – focusing on both the physical security (computers are bolted down and locked) and information security (keeping the data encrypted). We make sure that all of the sensitive data is encrypted on disks and backed-up and we also make sure that the firewalls are configured correctly. We also look at the software code itself to make sure that it is perfect and free of security related bugs.

What should customers be doing to help with the security of their own passwords and physical computers? Do you have any suggestions?
Our systems take a lot of the heavy lifting of security away from the users because we run the servers and make sure that they are protected but there are a couple of things that AppFolio users can do for security.

1) AppFolio Passwords: we recommend that customers select a password that is secure and that they don’t use the same password across all applications. For example, it is a best practice to not use the same password for AppFolio that you use on your company Facebook Page or your email.

2) Keep your computer software updated: In general, The information that you put into AppFolio is important and sensitive so you want to make sure that your computer is up to-date and that you have installed all of the most current software updates. You want to run the latest version of your anti-virus software too.

A great example of one thing we do regularly to help reduce risk is we look at where people log in from and build a type of model that knows our users’ general login locations. So, if a user suddenly logs in from a completely different place, then we flag that account and look at the actions they are doing to make sure they seem reasonable. During Spring Break week for example, we could actually see our customers logging into AppFolio from the Caribbean and the Bahamas and they were checking high-level business statistics, which makes sense. That is actually the benefit of using web-based property management software in action!

What do you like to do for fun?
I like skiing and that is what I grew up doing in Norway so we try and go to the mountains about twice a year. We usually go to Mammoth Mountain because it is large and it doesn’t seem too crowded. I used to surf and I really like to do that. Honestly, we bought a house not too long ago and it needs some work so we end up doing some yard work and other small tasks most of the time.


Related Content