Every day we hear about cyber security breaches that have compromised personal identifiable information (PII), provided access to trade secrets or have allowed access to individual and corporate bank accounts. Breaches can come from a variety of places, including disgruntled employees, professional hackers or sophisticated foreign countries engaged in espionage. Regardless, from a workplace perspective, simple precautions can eliminate a nightmare scenario of a cyber breach within your dealership.
For a dealership’s human resource function, access to applicant and employee is a routine and daily part of the job. To that end, inadvertently exposing that information on unattended computer screens could lead to unforeseen and unintended consequences comprising an individual applicant or employee information. Every employee is responsible for protecting the dealership’s computer system and each plays a role ensuring that protection.
There are a number of simple protections dealerships can take to mitigate unnecessary exposure of PII or prevent someone from hacking into the dealership’s information technology (IT) platform. First and foremost, to mitigate a cyber breach is to have in place a policy relating to safe computer usage to include limiting unnecessary internet browsing, maintenance of strong password protocols, prohibit password sharing, forcing frequent password changes and recognizing suspicious emails that may contain malware. Although these suggestions seem rudimentary, they are some of the primary causes of data breaches that can be easily mitigated.
If your dealership has an IT department, I am certain they have created a policy that provides a myriad of suggestions and mandates to maintain a secure network. However, what we have found is that the simple aspects of cyber security go unheeded. For example, a worker leaves their computer station with the screen exposed rather than locking the computer. Other times, employees will share passwords. Many employees use simple passwords that are easily hacked. Some employees will surf the internet, opening multiple browsers, and others will open up emails that seem to come from a legitimate source but, in fact, have malware associated with them, infecting the computer system.
Computer workstations should have quality anti-malware installed and daily scans should be part of an employee’s start of the day routine. Passwords should be no less than 12 digits long and be alpha-numeric, include special characters and capitalizations. Passwords should not include the specific user’s name or their pet’s name or children’s name.
Random passwords can be easily developed by creating an easy to remember phrase by the user whereby the first letter of each word of the phrase, combined with specialized characters and capitalization, becomes the password. Furthermore, passwords should be changed at least every 90 days. Different passwords should be developed for different accounts rather than using one password for multiple accounts. Passwords should not be written down but memorized, as difficult as that may be. There are devices on the market that can store your passwords and encrypt them so they cannot be discerned.
The suggestions in this article are relatively simple but, if implemented, can prevent the theft of information from your computer or your other cyber accounts. Clearly, cyber security is a function of habit and practice. Taking a few seconds to lock down your computer station, developing strong passwords, combined with quality anti-malware software is just the beginning of cyber security. Your dealership’s IT professional can assist you with other ways to prevent your computer from being hacked and information stolen.
The author of this article is not an attorney and offers no legal advice. The contents of this article should be reviewed by your corporate attorney before taking any action based on its content.