Why Data Protection is Everyone's Job - AutoSuccessOnline

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
AutoSuccess Online
The No. 1 Sales-Improvement Source for the Automotive Professional
Leadership Solutions

Why Data Protection is Everyone’s Job

The use of data is becoming more pervasive and complex in dealerships. Every employee needs to be vigilant in looking for threats— both inside and out.

Marie Knight
By Marie Knight
Marie Knight is the Head of Strategic Services for Zurich North America — Direct Markets Business Unit
Published:

Dealerships leverage data in every aspect of their business. Sensitive customer information is being stored in dealer management systems and customer relationship management systems, in finance and insurance (F&I), sales and service databases and even shared with third-party providers. Failure to secure this data can leave your dealership vulnerable and result in significant financial and reputational damage. 

Related Articles

“The threat landscape is evolving and more active than ever,” said Adam Page, our chief information security officer. “Massive data breaches affecting millions of customers of big retailers and banks make headlines, but the majority of breaches happen to smaller companies.” 

According to a recent report by RiskBased Security, the first six months of 2019 saw more than 3,800 publicly disclosed breaches that exposed approximately 4 billion records, an increase of 54% compared to the first six months of 2018. The report also revealed that the majority of breaches affect companies with 10,000 or fewer records, indicating that no business is too small to be on a cyber criminal’s radar. 

“Cybercriminals may consciously seek out smaller organizations instead of the Fortune 500s because they think the data will be less protected,” explained Nikki Ingram, one of our cybersecurity risk engineers who works closely with dealerships to identify their data vulnerabilities. “Smaller companies can also be more susceptible to ransomware attacks, which is when a company’s computer system is blocked by a hacker until a sum of money is paid either due to lack of security controls or a backup strategy.”

Employees Are Your First Line of Defense

For most companies, it’s not a software program or firewall malfunction that leads to a data breach. It’s employee error that occurs across all departments in an organization. 

“That’s why one of the key strategies to minimize the risk of a data breach is to focus on training the people who use and collect customers’ personal information,” explained Daryl Allegree, a regional risk engineer and member of our Alternative Markets Risk Engineering team. 

Employee errors can happen while handling data in the most basic ways, such as: 
• Taping passwords to a computer terminal 
• Neglecting to lock a file cabinet containing sensitive customer information 
• Failing to shred paper or online copies of credit applications 
• Misplacing a mobile device and having it picked up by a “bad actor” 
• Opening emails from an unknown sender that instigates a phishing attack, which results in a malware infection, theft of sensitive customer information or fraudulent wire transfer 
• Approving an invoice submitted online from a cybercriminal posing as a vendor that results in thousands of dollars in lost funds

One of the most basic levels of security starts by securing physical paperwork.  Shred financial documents that are no longer needed. Physical financial files, especially those found in the F&I office, should be kept in offices that are locked and accessible to only a few employees. 

Creating a Culture of Data Security 

Every organization’s culture starts at the executive level. A member of the senior management team should be assigned to oversee development and maintenance of a cybersecurity program and company policy. This cybersecurity leader should consider creating a cross-functional team to monitor security awareness, education and compliance throughout the organization. 

“At the core of a cybersecurity program is employee training,” Ingram said. “Awareness training with employees has shown to have very good return on investment, much more than some of the technology solutions which require ongoing management to keep effective.” 

She recommended educating employees on the current threats and attacks, and best practices on how to maintain the confidentiality, privacy and security of sensitive customer data. A company’s cybersecurity policies and procedures should be reviewed; if the policies are violated, employees should be made aware that disciplinary actions will be taken. 

Ingram recommends that training should be held at least annually. Cybercriminals are constantly adopting new tactics to breach data, and if your employees aren’t aware of the latest methods, attacks can go undetected for months within an organization and create widespread damage. If your dealership experiences frequent staff turnover, training should be integrated as part of new employee onboarding.

You May Also Like

Dr. ColorChip paint repair
Insights on Customer Retention and Conquest Opportunities
Unlocking Service Drive Revenue: The Critical Role of Technician Inspections
Elevating the FTC Safeguards: Embracing a Defense in Depth Approach
Dealer Service

Dealership GMs Need Fewer Worries; Start Here: Recon and Appraisal Integrity

How do you manage margin compression? With a focus on predictable outcomes.

Dennis McGinn
By Dennis McGinn
Dennis McGinn is the founder and CEO of Rapid Recon
Published:
Dealership GMs Need Fewer Worries; Start Here: Recon and Appraisal Integrity

Margin compression is in the news again. Heard at NADA: GMs are concerned about margin compression and their ability to earn a living.

We have been speaking about the persistence of margin compression throughout the pandemic years — and urged dealers in February 2022 to heed the signs and sharpen pre-COVID selling, inventory management and customer relationship skills.

Read Full Article

More Leadership Solutions Posts
Just WIN All the Time, It’s Fun!

To operate at your highest level of contribution requires that you deliberately tune in to what is important in the here and now.

By Christian Jorn
Just WIN All the Time, It’s Fun!
Everyone Has Something to Teach Us

Don’t let pride keep you from learning and expanding your skill sets. Create a “learning zone” where knowledge is freely shared.

By Chris Saraceno
Everyone Has Something to Teach Us
Reducing Worries for Dealership GMs

No GM wants to be pulled away when something comes off the rails or slammed by unexpected events they thought were being managed by our products.

By Dennis McGinn
Reducing Worries for Dealership GMs
Navigating Shrinking Margins: Acquisition Lessons from the Stock Market for Dealers

Initiatives are being developed to ensure that dealers can access the necessary vehicle data without facing prohibitive costs, aiming to make vehicle data more affordable and efficient.

By Josh DeYoung
Navigating Shrinking Margins: Acquisition Lessons from the Stock Market for Dealers

Other Posts

Embracing AI: How Automotive Dealerships Can Supercharge their Operations and Reconnect with Humanity

Having a human-centric approach, augmented by AI, is the cornerstone of a dealership that not only excels in sales but also in creating lasting connections with its community.

By Nick Askew
Embracing AI: How Automotive Dealerships Can Supercharge their Operations and Reconnect with Humanity
Why Dealers Should Care About the Coming Auto Insurance Recovery

The anticipated upswing of the auto insurance market in 2024 — and lower insurance rates that come along with it — should have dealers celebrating.

By Mike Burgiss
Why Dealers Should Care About the Coming Auto Insurance Recovery - Polly
Unleashing the Power of Customer Data with CRM, AI and Analytics

From the moment a potential buyer expresses interest, to post-purchase engagement, every interaction can be optimized for a seamless and personalized experience.

By Robert Manuel
Unleashing the Power of Customer Data with CRM, AI and Analytics
Document Management Solutions Keep Your Dealership FTC Compliant

Staying in compliance can be an overwhelming and costly endeavor, but failing to comply can result in fines reaching upwards of $50,000.

By Stacy O'Neal
Document Management Solutions Keep Your Dealership FTC Compliant