According to the 2015 Cost of Data Breach Study by the Ponemon Institute, more than 70% of all breaches last year were caused by malicious attacks or human error. Many of these were simple mistakes made by employees unaware of what they were doing. The unsuspecting employee could have simply clicked on a malicious link, opened an attached document or entered private information on a compromised website.
When employees are aware of threats, they are much less likely to do something that puts dealership data at risk. It’s a smart idea to establish company security protocols so employees are aware of the potential risks and know what to do if they inadvertently click on something they shouldn’t have.
Because the majority of customers finance vehicle purchases through the dealership, the F&I department is often the gatekeeper of customers’ personal information. That information includes social security numbers, loan applications and other sensitive data that consumers would not want to be compromised in a cyber attack.
The good news is, following some basic steps can help reduce the likelihood your dealership will fall victim to one of these attacks:
- Educate employees about malicious emails, files and links and encourage them to immediately report suspicious looking emails or if they believe they “may have clicked” on something
- Regularly test security as part of a vulnerability management program
- Regularly back up files from employees’ laptops and desktops to network drives or offline storage so files can be recovered in the event of an attack
- If possible, reduce the amount of information you collect from customers and retain only what is necessary
- Keep security software current, with frequent, regularly scheduled updates
- Encrypt all data transmissions
- Do not use social security numbers as employee IDs or client account numbers; if you do currently, develop another system now
If you have questions about protecting your dealership from malicious attacks or need assistance implementing a security plan, please contact your RubinBrown advisor or any of our Cyber Security Advisory Services professionals.
Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.
All Transportation & Dealerships News Transportation & Dealerships Overview