It is no secret that today more and more Automotive Dealerships are moving from premise-based infrastructure to virtual servers in the cloud. The easiest example of this is a Microsoft Small Business Server (SBS) being replaced by Office 365. This is becoming the de facto option for small businesses, especially when other applications are cloud based. For example, QuickBooks, among many other applications, are rapidly progressing in that direction. Believe it or not, the Cloud has even revolutionized phone systems!
Because small businesses are moving almost everything to the cloud, reliable backup and recovery are necessary to protect the information stored in it. Especially customer data or PII (personally Identifiable Information).
Personally, Identifiable Information (PII) is data which can be used to identify, locate, or contact an individual and includes information like name, date of birth, place of residence, social security number, phone number, race, gender, criminal record, age, and medical records. Every organization stores and uses PII, be it information on their employees or customers.
The PII your dealership stores is highly attractive to hackers who can sell that information on the dark web at a very handsome price. PII can also be used for any number of criminal activities including identity theft, fraud, and social engineering attacks. It goes without saying that it is absolutely vital for your dealership to protect PII. Failure to secure PII leaves your dealership open to highly targeted social engineering attacks, heavy regulatory fines, and loss of customer trust and loyalty.
Because securing PII is a critical component of many data privacy regulations as well as a valuable way to gain customer trust – we’ve created 10 steps to help you keep PII protected within your organization.
- Identify the PII your dealership stores
- Find all the places PII is stored and classify in terms of sensitivity
- Delete old PII you no longer need
- Establish an acceptable data usage policy
- Restrict PII from leaving your network via email, flash drives or other data sharing app
- Encrypt PII on and off your network
- Audit employee and vendor data access permissions
- Develop an employee education policy around the importance of protecting PII
- Create a standardized procedure for departing employees
- Encourage (and reward) employees to report any suspicious behavior and unauthorized access to data.
You should make it easy for employees to report suspicious or risky behavior to management. For instance, an employee might start taking company devices or materials home with them even if it goes against policy and could potentially put PII in danger of being compromised. One of the best ways you can police this type of event is to establish an easy way for employees to report this potentially harmful behavior.
Taking a proactive approach will always be the best way to prevent any type of account breach. Securing your data not only ensures peace of mind, it protects your dealership against data loss and reputation damage.
Still have questions about protecting your customer data? Contact Kobargo today to arrange a no-obligation consultation and assessment of your IT system security. Let’s discuss ways to safeguard your Automotive Dealership in today’s digital world.