Notifications & Messages

Jared Hamilton
From: Jared Hamilton
Hey - It’s time to join the thousands of other dealer professionals on DrivingSales. Create an account so you can get full access to the articles, discussions and people that are shaping the future of the automotive industry.
×
Erik Nachbahr, CISSP

Erik Nachbahr, CISSP President

Exclusive Blog Posts

A 5 Step Plan to Improve the People in Your Dealership

A 5 Step Plan to Improve the People in Your Dealership

Developing and improving the people in the dealership is the best way to get a solid ROI. Employees will work harder when they are cared for. Making the wo…

3 Key Metrics for Measuring the Inbound Phone Experience

3 Key Metrics for Measuring the Inbound Phone Experience

Call tracking and analytics firm, CallSource, recently released their first Inbound Phone Experience Study. The goal was to determine the impact on custome…

Making Deposits of Trust

Making Deposits of Trust

  Working with people is like a bank account. You are constantly making withdrawals and deposits of trust to help establish a working relat…

Improving Service CX: Dealing with Additional Services

Improving Service CX: Dealing with Additional Services

In our month-long series on improving the customer experience in the service department, we now look at the second-most common issue identified by cust…

MDP 033 | NADA: National Automobile Dealers Association

MDP 033 | NADA: National Automobile Dealers Association

#nada #nadashow #nada2020 #corksoakers Join David & David talking about The National Automobile Dealers Association, The NADA Show 2020 plus The Cat…

When it Comes to Consumer Privacy, what are Reasonable Measures?

Requirements in recent consumer data privacy laws are causing confusion and unnecessary expense for dealers. For example, on January 1st, the California Consumer Protection Act (CCPA) became law. The legislation requires companies to have “reasonable security” in place to protect sensitive consumer information. However, it fails to define what these reasonable measures are.

As an auto dealer, how do you know what reasonable measures to take without a clear-cut definition? In California, the Attorney General points to 20 controls issued by the Center for Internet Security (CIS) as guidelines for business owners.

The CIS controls are very thorough and provide a broad framework of steps to take for businesses in all industries. However, it’s important to note that not every business in every industry has to follow all 20 controls exactly as written.

What’s reasonable for an auto dealer is different than what’s reasonable for a business in another industry. For example, some wording in the CIS controls pertain specifically to software developers, so those ‘guidelines’ would not be applicable to auto dealerships.

The intent of the CIS is for their framework to be adapted by industry-specific experts who define how its elements should be implemented in that specific industry. In the auto industry, it’s critical that when you’re searching for help implementing the CIS controls, the person or entity has both cybersecurity expertise AND an intimate knowledge of your business—the business of selling and servicing cars.

At Helion, we’ve adapted the CIS controls specifically for auto dealerships, and have come up with a list of 10 essential IT security best practices. These include the following:

—Training/written policies/standards

—Windows Active Directory

—Cloud-managed, business-grade network equipment

—Unified security management

—Cloud-hosted email, file sharing and backup

—Remote management and monitoring tool

—Centrally managed enterprise anti-virus/malware and URL filtering

—802.1x port-based network access control

—Adaptive identity management

—Penetration testing

To learn more about each of these best practices and how they help your dealership comply with new consumer privacy laws, download our free guide: IT Best Practices for Auto Dealers.

When implementing these best practices, start with the simplest initiatives that have the broadest impact, and refine your security practices as time progresses. When implemented, these best practices will provide proof-positive that your auto dealership is taking “reasonable measures” to protect your customer data and keep your IT systems safe.

 Unlock all of the community & features  Join Now