How confident are you that your dealership can withstand a cyber attack? In my experience, most dealers underestimate the threat of attack and overestimate their ability to withstand an attack.

When looking at your internal information technology (IT) strategy, it's important to understand where cyber attacks originate.

First, identify what in your dealership is valuable to cyber criminals. Assuming money is a primary motivator, they want to accomplish one of the following:

• Obtain routing and bank account numbers
• Access your customer data; social security numbers, credit scores and credit card numbers.
• Hold your data hostage and make you pay ransom to gain access to it

To successfully thwart these objectives, your dealership needs to have three lines of defense in place.

Perimeter

This is the first and most obvious line of defense that most people think of when it comes to security. The perimeter consists of technology solutions designed to keep your data safe.

Ensure that you have an up-to-date firewall, spam filter (aka spam firewall) and an intrusion prevention system. Additionally, make sure your routers are enterprise-grade, as they have better security features.

Desktop

This is where we see a lot of dealerships are making themselves vulnerable. Employees' computers need to be locked down at the desktop level.

Ironically, the way to accomplish this is not at the desktop. You need to have a centralized administrative set-up, so that employees are not allowed to install or de-install their own software. Anti-virus software should also be centrally managed and not installed on individual desktops.

Additionally, install web-filtering software that monitors employee activity and prevents them from accessing dangerous websites. Many cyber attacks occur because employees click on an email link that leads them to malicious websites.

Switching from desktop-based applications to cloud-based applications is also highly recommended. The huge Equifax breach that exposed millions of customer records occurred because of a simple failure to install a software update, also known as a patch. If you're using cloud-based applications such as Office 365, security patches are automatically updated.

Employees

The final and perhaps most importance line of defense is your employees. Over ninety percent of successful data breaches start with phishing attacks, which use emails to lure employees into clicking on something they shouldn't.

Make sure you provide your employees with security awareness training, which is required under the FTC Safeguards Rule. Also put policies and procedures in place designed to increase security, such as:

• Require employees to change passwords every 90 days
• Verbally confirm all wire transfers
• Patch all desktop-based applications weekly, if not daily
• Keep logging records
• Get an IT security audit once a year
• Obtain cyber liability insurance
• Create a cyber incident response plan and response team

The threat of cyber attacks is growing and should not be underestimated. Do you have three lines of defense in place? If not, your dealership is vulnerable.

Microsoft has released Office 2019, the newest version of its desktop suite of applications that most dealership employees use on a daily basis; including Word, Excel, PowerPoint and Outlook for email. Prior versions of Office that your dealership might still be using are Office 2016, Office 2013 and Office 2010. Please don't tell me you're still using Office 2007.

If you're thinking about upgrading to Office 2019, I encourage you to look at another option. If you haven't already, now is the time to migrate to Office 365 Business, which offers cloud-based versions of all the same Office applications, plus additional features.

Considering what you get, Office 365 is actually less expensive than the single license version of Office 2019. The price for Office 365 Business Premium is $12.50 per user per month, which is just $150 per year. The cost for a single license of Office 2019 is $250 and yes, it can feasibly be used for more than one year. But Microsoft also announced that Office 2019 is a one-time release and won't receive any future feature updates.

That means Office 2019 will become outdated pretty quickly. Plus, Office 2019 doesn't offer any of the cool cloud-connected features that Office 365 offers, such as workflow, productivity and collaboration tools.

The fact is, Microsoft is really pushing to get everyone onto the cloud-based version, so the benefits of doing so far outweigh any reasons not to migrate. At this point I can't think of a reason not to switch, unless you work in a cave with no Internet access.

Let's take a look at some of the advantages of switching to Office 365.

Eliminate Licensing and Hardware Headaches

Depending on how many employees you have, on-premise licensing fees can get expensive. In addition to licenses for Office applications, dealerships pay licensing fees for Exchange Servers and Exchange User Client Access Licenses. That doesn't include the cost of hardware and the cost of having to hire someone to maintain all the equipment.

Additionally, someone at the dealership has to be responsible for handling security patches and other software updates on a regular basis.

Perhaps the biggest issue that Office 365 helps you avoid is the usage of unlicensed copies. This happens when someone in a dealership installs Office on six or ten or even dozens of computers, instead of limiting installations to the three or five licenses that come with the package.

Unfortunately, this practice is fairly common. It's also illegal and very costly, if you're caught. In recent years, the Business Software Alliance (BSA) has really cracked down on small and mid-sized businesses, and offers whistle-blowers (usually disgruntled employees) cash rewards for reporting businesses that use unlicensed software.

One dealership I know of got caught using unlicensed copies of Microsoft Office on over 300 computers, and had to pay a fine of $1.5 million. Another dealer purchased a small dealership only to be hit with $50,000 in fines because the new store had unlicensed software installed on its computers.

Paying a small monthly per user license for Office 365 eliminates this risk and makes for easier budgeting.

Greater Team Collaboration and Productivity

Office 365 offers features designed for team collaboration, improving workflow and increasing productivity. With Office 365 everyone has a clear view of task assignments, workloads and timetables so that all team members are in the loop on a project's status.

Additionally, Office 365 has integrated Yammer, an enterprise-level social platform that allows team members to communicate from any location. Office 365 also has Skype for Business, allowing team members to call quick virtual meetings, as opposed to formal in-person meetings, which tend to be lengthy and inhibit productivity.

Increased Mobility and Flexibility

Office 2019 is installed one time on a single PC or Mac. Office 365 allows a single user to sign in from multiple devices, including mobile devices such as smartphones and tablets. This allows team members to easily check email, edit documents and securely access shared information at anytime from anywhere.

Improved Security

Chances that your dealership will experience a cyber attack are growing every year. Applying software updates, also known as patching, is one of the most important security measures you can take to protect your dealership. Yet in my experience, 95% of dealerships aren't doing this on a regular basis.

Perhaps the greatest advantage of Office 365 is that cloud-based applications are instantly updated with every new software and security update.

With Office 2019, employees and even IT staff can ignore software update notifications for days, if not weeks, leaving your network vulnerable to cyber attacks.

If you're a desktop die-hard and prefer to have Office applications on your computers, whether or not you upgrade to Office 2019 depends on the version you're using now. Microsoft is ending support for Office 2010 in October 2020. If you're using Office 2016, be aware that although the standalone version will still function after October 2020, you won't be able to access any additional Office 365 services such as Exchange Online, Sharepoint Online or OneDrive for Business.

If your dealership hasn't already migrated to Office 365, you might want to try it. Start small, with one department. Ensure that every employee gets the necessary training and support to make the transition successful.

In Part 1 of this series I discussed the growing threats and consequences of cyber security attacks. In Part 2 I reviewed the most common methods used by cyber criminals to launch attacks against dealerships. In Part 3 I shared the recommended policies, procedures and technologies to put in place to help prevent cyberattacks.

Now it’s time to review what to do in the event that your dealership is breached. Unfortunately, you can be very proactive and have all the right technologies and procedures in place, but breaches still happen. The probability that a company will endure a security breach in the next two years is 28 percent, according to IBM and the Ponemon Institute.

In many cases a breach is not discovered for several weeks. Most often the dealership is notified by a third-party; typically a bank or a credit union that has Positive Pay, a fraud detection tool. In the case of ransomware or other type of attack that brings down your network, the incident can happen suddenly with no warning.

Recent breaches in the news include Marriott, Facebook, Panera Bread and more. These are large companies with sophisticated security in place; but if they're vulnerable so is your dealership. If your dealership is breached, you are legally responsible and must follow the same procedures as these large companies.

The first thing you need to do is pull out your cyber incident response plan.  As I mentioned in part 3, this does not have to be complicated. Your plan should list the phone numbers of your attorney and your cyber liability insurance company.

Your cyber liability insurance company will put you in touch with a breach response team that will coach you through the steps you’ll need to take. They will probably include the following:

Notify Authorities

Contact your local police department as well as the local FBI field office and report the incident to the Bureau’s Internet Crime Complaint Center. This step is not legally required but can be helpful as the authorities may have gathered evidence from similar attacks, and have information that will be useful.

Notify Customers and Other Stakeholders

If your customers’ information has been compromised, you are legally required to inform them immediately. In some states, you are legally required to pay for a credit monitoring service for affected customers. You may also have to file a notice with your state general attorney’s office. When it comes to notifying your employees and other stakeholders, wait until the same time that you notify your customers. One of your employees may leak the information, which could have a detrimental effect on public perception.

Crisis Communications

Next, it’s time to implement your crisis communications plan. There’s no point in trying to hide a cyberattack. One of the first questions that everyone asks is, “How long have you known?” It’s best to be transparent to both the local press and your customers.

Forensic Investigation

Depending on the nature of the attack, you may also be required to hire a team of forensic experts to investigate how the attack happened. This is why it’s so important to keep security logs.

Ideally you will have at least a month’s worth of replay logs so that investigators can learn the following:

• Which IP address was used to gain access to the network
• The type of viruses installed and which computers they've infected
• Whether hackers cleared the logs to eliminate traces of their fingerprints

Sometimes a forensics team will require that you shut down business for a period of days or weeks while they investigate an attack. In the event that you are shut down, you may want to have a contingency plan that details how you can still operate, service and communicate with your customers, if possible.

The consequences of a cyber attack can be harsh, both from an internal operations standpoint and from an external, customer and public perception standpoint.

Dealerships are a prime target for cyber thieves so it’s critical to be prepared. Know the potential threats, implement technology to prevent them and properly train your employees so they can avoid phishing schemes—which are responsible for 91 percent of successful security breaches—as well as other social engineering attacks.

Auto dealerships are independent businesses, with careful financial management separating success from failure and limited internal teams delivering results. As with many small companies, it's common for information technology to be a secondary priority rather than its own department. Third-party IT services can step into such situations and provide assistance - the consequences of not having these professionals on hand could be severe.

In today's IT-centric business world, digital threats are everywhere and the advantages of timely tech maintenance and upgrades are many. Therefore, dealerships without full IT departments should consider the benefits of calling upon outside help, before their undermanned tech operations become a liability.

Dedicated IT professionals must tend to serious needs

Dealership IT needs dedicated team members due to the increasing role innovative tech is playing in the modern workplace. From ensuring competitive performance to defending against pressing threats, IT professionals fulfill many important functions today. The following are just a few of the tasks your dealership will need addressed to stay current and effective:

Meet expectations and cut inefficiencies:

Simple business improvement may be the most important IT use case, as the Harvard Business Review recently explained. Independent companies suffer from frighteningly high closure rates, and any edge that can improve customer service and internal productivity is worth taking. From updating analytics systems to improving point-of-sale terminals on the dealership floor, well-maintained IT can boost employee and consumer experiences.

Defend against cyberthreats:

Independent businesses, dealerships included, are targets of opportunity for cybercriminals. If you don't have dedicated IT personnel on your side, your systems may be especially vulnerable to intrusions, data theft and the negative repercussions that follow. According to the latest Verizon Data Breach Investigation Report, small companies made up 58 percent of cyberattack victims in the past year. Fields without security personnel on staff or on call may find themselves under attack by opportunistic data thieves.

Create stable and resilient data reserves:

Intentional breaches aren't the only threat to data, and contracting IT professionals can help dealerships' information reserves in multiple ways. Receipt Bank's Nelson Da Silva suggested to eWeek that companies should ensure their data is safe from loss in a disaster. From a natural event that wipes out servers to human error or a ransomware attack, there are plenty of issues that can damage poorly maintained tech resources - and the data within.

IT is the backbone of modern business.

Help specifically for dealerships

Looking for a third-party IT team to oversee your systems and services doesn't have to be a difficult or costly process. By working with a provider specifically catering to the auto industry, you ensure the experts are familiar with your needs, challenges and potential. Rather than dealing with continued risk and potential inefficiency, you can seek assistance from these teams.

Without the intervention of trained IT personnel from third-party sources, you may find yourself either devoting too much employee time and effort to keeping tech systems running or simply going without needed expertise. Neither option is particularly promising for your dealership, showing the value that comes with a team of experts. Having someone monitoring your systems at all times is a modern advantage for an auto dealer.

Baltimore, MD – June 28th, 2018 – Helion Automotive Technologies, the retail automotive industry’s leading Information Technology (IT) managed services provider (MSP), today announced it has been ranked # 65 out of 501 top managed services providers in the world according to the 2018 MSP 501 – Worldwide Company Rankings, up 4 spots from last year’s #69 ranking. The list is compiled annually by Channel Futuresä and is widely recognized as the IT industry’s most respected rankings. 

The MSP 501 is the first, largest and most comprehensive ranking of managed service providers worldwide. This year Channel Futures received a record number of submissions. Applications poured in from Europe, Asia, South America and beyond.

As it has for the last three years, Channel Futures teamed with Clarity Channel Advisors to evaluate these progressive and forward-leaning companies. MSPs were ranked according to our unique methodology, which recognizes that not all revenue streams are created equal. They weighted revenue figures according to how well the applicant's business strategy anticipates trends in the fast-evolving channel ecosystem.

“Being named one of the top MSPs in the world for the second year in a row is an honor, and truly demonstrates our commitment to delivering the best IT Managed Services to the automotive industry,” said Erik Nachbahr, Founder and President of Helion Automotive Technologies. “The automotive industry continues to be transformed by technology and our team is dedicated to bringing exceptional IT Support to our clients.”

Channel Futures is pleased to honor Helion Automotive Technologies

“This year’s applicant pool was the largest and most diverse in the history of the survey, and our winners represent the health and progressivity of the managed services market,” says Kris Blackmon, Channel Futures content director and editor of the MSP 501. “They’re growing their revenue, expanding their customer influence and exploring new technology that will propel them for years to come.”

Cybersecurity is simultaneously one of the most important areas of focus for auto dealerships and one of the easiest to overlook. It's vital because a data breach could represent an enormous setback for your business but may receive little attention if you think of your work as primarily based around a brick-and-mortar model.

When you consider the many massive, online-first companies holding large databases, it's hard to imagine a hacker deciding to infiltrate your auto dealership's systems in search of a payday. That doesn't mean such an attack won't happen, however. Cyberattackers may select their targets based on how prepared and well-defended those companies are. This potentially leaves your dealership exposed and at great risk.

A target of opportunity

According to Dealer Marketing contributor Jim Cunningham of the National Credit Center, independent car dealers fall into criminals' favorite category of companies to attack: small firms that may neglect their security. Large corporate organizations often have company-wide security tools, teams dedicated to IT protection and copious operational budgets. Small businesses that don't prioritize their own defenses appear to be soft targets next to the corporate alternatives, which means your dealership could be drawing unwanted attention right now.

As Cunningham pointed out, the fact that your company is smaller doesn't mean it lacks valuable data. Customer records and employee documentation may prove lucrative in identity theft or various types of financial fraud. Losing that information can damage your brand's ongoing appeal and customer trust. No matter how modest a role online operations play in your company's business model, IT systems are still targets.

Potential devastation

Auto Remarketing reported there are vulnerabilities scattered throughout dealership infrastructures. When criminals attack in person, they can take mere minutes to access systems and find valuable data. An online breach can be even more subtle. You may not realize your databases have been breached until the culprit is long gone. The news provider quoted Gemalto data that tells the commercial story of a data breach: 70 percent of consumers would leave a company that suffered a data breach.

Customers want to feel safe, and being infiltrated by data thieves threatens this feeling of security and well-being. Your reputation is one of the most important pieces of marketing collateral your organization possesses. Being breached may compromise your dealership's authority and its ability to let customers shop with confidence. Keeping IT defenses up to date can help stop this from coming to pass.

Time to check in

If you haven't checked on your data security posture recently, the results may demand immediate action. Vulnerabilities in present IT systems or out-of-date cyber defenses may be ticking time bombs in data breach terms. Working with a third-party IT provider is one way to get proactive and consistently updated monitoring and defense in place. Since these organizations specialize in managing tech, they offer a focused and specialized approach to essential systems, letting you get on with the important work of running your business.

Helion Automotive Technologies

In Part 1 of this series I discussed the growing threats and consequences of cyber security attacks. In Part 2 I reviewed the most common methods used by cyber criminals to launch attacks against dealerships.

In this installment I'll be reviewing the recommended policies, procedures and technologies to put in place that will help prevent your dealership from a cyber attack.

Technology Solutions

When it comes to cyber security, it's not enough to have just anti-virus or just a firewall. The reality of this new age of cyber crime is that all data is at risk. As business owners, we have a legal and ethical responsibility to protect our customers' data. For dealers today, a multi-layered approach is required to keep customer information safe.

Anti-virus software. Installing this on every PC will help detect and block many unwanted email threats. After an extensive review process, the brand we recommend—and use—is Webroot. It's a light product, which means that even if your PCs are three to four years old it won't weigh them down.

Firewall. The problem with most industry standard firewall products is that they do not update in real-time. The brand we use is Cisco Meraki; it's state-of-the-art and because it updates real-time it's more likely to detect and stop a threat as it's happening.

Spam filter/spam firewall. This software is specifically designed to detect and block email threats and it's pretty effective at doing its job. The brand we use is Barracuda and it blocks about 95 percent of emails to our clients, which tells you how much bad email is out there.

Intrusion Prevention Systems (IPS) monitor your network traffic. When a threat is detected the system takes immediate action to block all traffic from the offending IP address or port.

Web-filtering software. This monitors employee activity online and prevents them from accessing dangerous websites. Many cyber attacks come in the form of emails that contain links encouraging employees to click through to a malicious website.

Restrict local administrative access. Many dealerships do not have a centralized administrative set-up, which is really unfortunate. It's a security best practice to restrict your employees from being able to perform administrative functions on their PCs, such as installing and removing software.

Policies and Procedures

It's a mistake to rely on technology alone to keep your network safe from cyber criminals. These professionals rely on humans to make mistakes, and unfortunately, we often do. That's why it's important to implement these best practices.

Patching/software updates. The recent, huge Equifax breach occurred because of a simple failure to install a software update/patch. I can't emphasize enough how important this is to do on a regular basis for all of your Microsoft/desktop applications, email applications, Internet browsers and web-based applications.

Employee passwords. The National Institute of Standards and Technology (NIST) recently issued surprising new password guidelines. Instead of using a complicated combination of upper and lower case letters, numbers and symbols, users should choose a long phrase that's easy for them to remember and that nobody else would think of. Something like "Erikloveschocolatemilk."

Verbally confirm all wire transfers. Several controllers at dealerships have been fooled into wiring thousands of dollars to a U.S. bank, where the money subsequently disappeared. In all instances the controller received email instructions from the dealer principal, but the emails were actually sent from an imposter. The only surefire way to prevent this is to verbally confirm all wire transfers.

Logging records. In the event of a breach investigators will ask for logging records for all devices including PCs, servers, firewalls and mobile devices. It's important to keep records so the source of the attack can be identified.

IT security audit. Every dealership should have this done at least once, and preferably once a year. Hire an outside firm with security specialists. They are trained to spot network vulnerabilities that your every-day IT person doesn't know about.

Cyber incident response plan and response team. A plan doesn't have to be complicated. A one-sheet may be sufficient, with phone numbers for your organization's point of contact, your attorney and the number for your cyber liability insurance policy. Your insurance company should be able to put you in touch with a breach coaching team that will guide you through the incident.

Cyber liability insurance. How many customer records do you have in your DMS? For every record compromised in a breach, expect to pay from $10 to $30. If your dealership has 100,000 customer records you'll need to purchase insurance that will cover up to $3 million in expenses.

You may think that having all these measures in place is overkill, but trust me when I say it's worth it to prevent the severe consequences of a breach. Security breaches are expensive. In addition to thousands and maybe even millions of dollars paid out in reparation, your dealership will suffer from negative publicity and loss of consumer trust. A data breach is hard to recover from, so when it comes to keeping your customer data secure, there's no such thing as overkill.

In the final installment of this series, I'll go over the action steps you can take in the event that your dealership does experience a data breach.

If the threat of cyber attacks isn't keeping you up at night, perhaps it should. Somewhere, I guarantee there are cyber criminals lying awake at night thinking up new ways to steal your money.

In Part 1 of this series on cyber security, I discussed the increasing prevalence of cyber attacks and the consequences your dealership could face if attacked. In this post I'd like to address the current threats to your dealership.

The best offense to a cyber attack is defense, but it's hard to defend against a weapon you know nothing about. So let's review the most common tactics that cyber criminals are currently using to gain access to your network.

Phishing

Like a fisherman casting a wide net, a cyber thief creates an email and sends it out to a large group of people. The email is designed to look like it's coming from a well-know institution such as Bank of America or PayPal. This type of email alerts you to a problem with your account, asks for verification and encourages you to click on a link. The link takes you to a website that looks like an official website, where you are encouraged to login. Your login information is captured and the thief immediately goes to the real website and uses your login information to access your bank account.

Thanks to the rise of two-factor authentication and banks requiring verification with security questions, these attacks are becoming less of a threat. Many people have wised up to these types of attacks.

Spear Phishing

Spear phishing is slightly more sophisticated than phishing. In this type of attack the cyber criminal does a little more research on their targets, often by acquiring customer lists from companies. So let's say you've purchased something from Quickbooks or Target or Amazon. You receive an email or text that looks like it's from that company. The email includes a link and again you are taken to a page where you are encouraged to login or download a file or update.

If you download the file, you are likely installing malware on your computer. Common types of malware include ransomware and keylogger (see below).

Whaling

Recently a Toyota dealership I know of lost $60,000 in a whaling attack. This is a sophisticated type of attack that requires extensive research on individuals and companies. In this instance the controller received an email from what he thought was the principal. The controller and 'principal' exchanged a couple of emails before the principal asked the controller to transfer $30,000 to a bank account in Florida.

A few days later the controller received another request from the dealer. Again he transferred $30,000. For some reason, he had a few questions and called the dealer. It was only then they both realized they had been scammed. By the time they found out, the money was long gone and the account was closed. No way of getting it back

Impersonating a high-level executive in an email is pretty brazen, but these attacks are becoming more common. Emails like this may also be personal in nature, appearing to come from a spouse or child sharing a funny story or video, e.g. "This is so funny Dad, reminds me of 'Sparky' (your pet dog), click on the link." But there's nothing funny about what happens if you click on that link.

Ransomware

Spear phishing or whaling are tactics that can also be used to install malware. Ransomware is one type of malware that is being used to wreak havoc on thousands of businesses every year, and the number of attacks is growing.

Imagine getting an email from one of your suppliers that says "Invoice attached." The email addresses you by name and includes a friendly little message from your account rep at a supplier. You trust the sender so you click on the email attachment and the ransomware is downloaded onto your computer.

Alternately an email with a link can take you to an infected website that will download the malware onto your computer. From there it spreads into your dealership's computer network. The danger in ransomware is that it lies dormant for a period of days or even weeks...until it doesn't. Back-ups of your data performed during this period of dormancy will also back-up the ransomware.

Once the ransomware goes "live," your most recent back-ups will also be encrypted, so it will be impossible to restore your files from your most recent back-ups. In order to decrypt your files and have access to them again, the cyber thieves demand a ransom.

At this point you have two choices. Lose years worth of files and data or pay the ransom. The majority of cyber thieves demand the ransom in bitcoins, a form of electronic currency that's untraceable. Ransoms can range from thousands to tens of thousands of dollars.

Keylogger

Keylogger is another type of malware installed via the same tactics as ransomware. One dealership I know of suffered serious financial consequences from a Keylogger attack.

This particular attack was launched from Facebook. The F&I manager was browsing Facebook and somehow was tricked into downloading a file. The file installed Keylogger, which tracks every keystroke on your keyboard.

That day the F&I manager logged into the dealership's credit bureau and the criminals captured the login credentials. Later that night they pulled credit reports on over 200 customers. Fortunately the credit bureau identified the suspicious activity and stopped the credit pulls.

The aftermath was painful. An FBI investigation ensued and the dealership was forced to hire security experts to conduct a security audit. In the end the dealership paid out over $150,000 in remediation. That's one expensive Facebook session!

Beyond Sophisticated

As soon as you grow wise to one form of attack, cyber criminals are thinking up new and more sophisticated methods. Today they are even using big data and sophisticated analytics to figure out who is most vulnerable to attacks.

At this moment, someone out there may be collecting data on you. They may be collecting data on your religion, political beliefs, shopping habits and work environment.  All this data is used to identify people who are most susceptible to suggestion and to suggest tactics most likely to succeed. There is nothing random about these attacks.

In Part 3 of this series, I'll list the policies, procedures and technologies that your dealership can implement to help protect against these forms of attack.

Timonium, MD –­ October 10, 2017 –­ Helion Automotive Technologies, the retail automotive industry's leading Information Technology (IT) managed services provider (MSP), today announced that its President and CEO, Erik Nachbahr, will co-present with Kai Nielsen, Director of Strategy and Business Ops with Dealertrack DMS, at the upcoming DrivingSales Executive Summit. Nachbahr's and Nielsen's session is titled "Data Security for Today's Dealerships" and will address the growing risks of data loss due to security breaches.

"Dealers may think this is a technology issue but data security is an important business issue that every executive needs to understand," said Nachbahr. "Dealerships are ideal targets for cyber criminals and many dealerships have experienced security incidents with severe consequences. In this session we'll give dealers a detailed plan for protecting their data."

In the U.S. approximately 75 percent of small and mid-size businesses have experienced security breaches, according to a July 2016 report by Osterman Research titled IT Security at Small to Mid-Size Businesses (SMBs): 2016 Benchmark Survey.

"Dealers should demand more from their DMS and that certainly applies to data security," said Nielsen. “Both Dealertrack DMS and Helion Automotive Technologies are committed to helping dealers protect their reputations and customer relationships. Having the data accessibility necessary to conduct business and being trusted stewards of customer data should not be mutually exclusive.”

In their joint session, Nachbahr and Nielsen will cover:

• Simple policies and procedures to implement in your dealership that will reduce the risk of data loss

• Steps you should take to protect your dealership at the physical level

• Technologies you should invest in that are equipped to protect against data threats

"Data Security for Today's Dealerships" is scheduled for Monday, October 23rd from 2:55-3:35 pm. The DrivingSales Executive Summit is being held at the Bellagio in Las Vegas, NV. For more information or to register, visit http://www.drivingsales.com/dses

About Dealertrack

Dealertrack is the leading provider of digital solutions to the automotive retail industry. Whether you're a dealer, a lender, a manufacturer, or a state agency, our integrated and intuitive approach to products and services makes your workflows more efficient, transparent, and profitable. From our pioneering Digital Retailing tools—bridging the gap between the online and in-store experience—to our lender network (the largest in North America) Dealertrack is the only company helping enable the transformation of auto retailing. Dealertrack is a part of Cox Automotive. For more information please visit www.coxautoinc.com.

About Helion Automotive Technologies

Helion is a leading IT solutions provider for over 20 years, providing 650+ auto dealers nationwide, with faster, more efficient networks and secure data protection. From managed services to IT assistance and service desk help, Helion offers both short-term IT fixes and long-term planning so dealers can focus on what matters most: selling & servicing cars. Dealers can request a free assessment of their IT needs at www.heliontechnologies.com.

Timonium, MD – October 2, 2016-- Helion Automotive Technologies, a leading provider of information technology (IT) solutions for auto dealers, announced today that Erik Nachbahr will address security risks and prevention at the upcoming AICPA National Auto Dealership Conference in Las Vegas, NV and at the NCM Mega-Dealer Group.

"Data security continues to be a hot topic with dealers, especially in the wake of the Equifax breach," said Erik Nachbahr, President of Helion Automotive Technologies. "The threats out there are growing every day and it's such an important issue that dealers need to understand. It's very difficult and hugely expensive to clean up after a big breach so prevention is key."

At the NCM Mega-Dealer Group conference Nachbahr will present The State of I.T. For the Automotive Industry. In this session dealers will learn about the growing cybersecurity threats and how they can keep their data secure. Additionally, Nachbahr will share guidelines for scaling technology to support dealership growth and success.

Nachbahr's NCM Mega-Dealer Group session is scheduled for Friday, October 20th at 8:30 am EST.

At the AICPA National Auto Dealership Conference in Las Vegas, NV, Nachbahr will present IT Security, Productivity and Strategy for Dealerships. In this session Nachbahr will take a deep dive into:

• Cybersecurity: Learn what cyber liabilities are, how to identify them and protect yourself
• Voice: How a successful phone strategy can improve your bottom line
• Scalability: Why planning for the future now matters in a growing dealership
• IT Budgets: Discover the most important areas where you should be investing

Nachbahr's session at AICPA is scheduled for Wednesday, October 25th at 5 p.m.

For more information contact Helion at 443-541-1500 or visit http://www.heliontechnologies.com.

About Helion Automotive Technologies

Helion Automotive Technologies is a leading IT solutions provider for over 20 years, providing 650+ auto dealers nationwide, with faster, more efficient networks and secure data protection. From managed services to IT assistance and service desk help, Helion offers both short-term IT fixes and long-term planning so dealers can focus on what matters most: selling & servicing cars. Dealers can request a free assessment of their IT needs at www.heliontechnologies.com.