Notifications & Messages

Jared Hamilton
From: Jared Hamilton
Hey - It’s time to join the thousands of other dealer professionals on DrivingSales. Create an account so you can get full access to the articles, discussions and people that are shaping the future of the automotive industry.
Casi Dow

Casi Dow Marketing Coordinator

Exclusive Blog Posts

Women in the Dealer Workforce: Where We Are & Where We Can Go

Women in the Dealer Workforce: Where We Are & Where We Can Go

It’s no secret that women make up a small portion of the dealer workforce and turnover among women is high. By not attracting and retaining women in the …

Car Subscriptions - Q and A with Bill Playford

Car Subscriptions - Q and A with Bill Playford

I had the chance to interview Bill Playford about car subscription services, and how they're going to change the marketplace. Take a look what this ins…

Be The Exception

Be The Exception

How brilliant marketers find and follow what makes their stories different in a world full of average content DrivingSales is excited to announce th…

Keeping Up with the Joneses in Quick Lube

Keeping Up with the Joneses in Quick Lube

More than half of all sales customers will abandon your dealership’s service department in the first year. It’s a widely varying statistic &nda…

It Has Never Been Easier To Be Average

It Has Never Been Easier To Be Average

It has never been easier to be average. This post was written by Jay Acunzo, who will be speaking at the upcoming DrivingSales Executive Summit in Octob…

Is Windows XP the Greatest Threat to Your Dealership?

The number of cyber-crimes are continuing to rise as hackers search for weaknesses in systems.  The changes and warning have been coming for months, yet many dealers have put off making a simple, yet crucial change.  On April 8, 2014 Windows officially retired their XP platform.  This means that Microsoft will no longer support or create updates or security patches for XP.  The key word there? Security.

The Aftermath

As predicted the first exploit related to Windows XP was announced a mere 20 days after retirement. A critical exploit affecting ALL versions of Internet Explorer has been identified that allows a malicious website to grab customer data. Reports indicate that as expected Microsoft will not release patches for this for Windows XP.

The current zero-day vulnerability, which affects IE6 through 11, across all versions of Windows, was confirmed by Microsoft on April 27. Microsoft acknowledged its existence after security firm FireEye reported on April 26 that the vulnerability was being actively used to attack “financial and defense” targets.

What are Your Responsibilities?

The Federal Trade Commission clearly states your legal obligations:
The Gramm-Leach-Bliley Act requires financial institutions – companies that offer consumers financial products or services like loans, financial or investment advice, or insurance – to explain their information-sharing practices to their customers and to safeguard sensitive data.

Large institutions and corporations especially cannot keep running Windows XP if there’s a massive hole that can be readily exploited. The bug was so serious that even the US and UK governments were telling people to stop using IE until a patch was issued.

Next Steps

It is extremely important that dealers make upgrading their Windows XP PCs a priority. They cannot risk the immanent threats to both their dealership and their customer data.

In addition to making those crucial updates to any PCs running Windows XP, there are several other things that you can do to help protect your back-end operations from other security threats.

Create a Plan

Design your preparedness plan so that your dealership can continue to operate if a security breach were to ever occur. Train all necessary employees (managers, F&I, etc.) on that plan.

Bring in Help

The best way to determine your security-risk levels is to bring in a professional. A third-party expert who can offer a neutral and objective assessment of your risk level and what issues you may be vulnerable to.

Gather the Right Information

The car buying process involves gathering a lot of information from your customer, however collect only the data that you truly need.  If the data is irrelevant, don’t take it.  Retain only the data that you need and purge the rest, streamlining your data storage systems.  It is also a good idea to grant the right employees access that sensitive information on a “need to know” basis.

Be Watchful

Security breaches are not always necessarily the act of a random criminal.  They can occur internally.  This doesn’t always mean that an employee was acting maliciously, but may just be misguided or unaware. Take the steps to offer your employees up-to-date security training.  Also it is a good idea to evaluate access to data such as logging into your systems from remote locations.  Additionally, take the correct steps to update access to information when employees leave your dealership.

 Unlock all of the community & features  Join Now