Here's a scenario that unfortunately many dealers are familiar with: your star salesperson is poached by the competition. To add insult to injury, the salesperson takes with him a list of all his--and your dealership's--former customers.

Now your competition is reaping the benefits of your dealership's marketing dollars. If you're lucky, that list of contacts is the only thing the salesperson took. In some cases former employees take a lot more than that.

In fact, right now an ex-employee could be logging into your CRM to steal leads and view your recent sales activity, and you don't even know it's happening.

Fortunately, stopping this type of nefarious activity is easy. But you can't fix what you don't know.

A simple checklist is all it takes to ensure that unauthorized users have zero access to your database, leads and other information.

At Helion we call this a "User Account Creation" list, which, upon termination of the employee, becomes the "User Account Termination" list. A manager or someone on your human resources or information technology (IT) team should be assigned the task of going through the list, and it should become a mandatory part of the hiring and firing process.

When someone is hired, create a list of every account that person has access to. Include licensing information for all software that person will use.

Your list may include the following:

Logins and passwords for the following accounts:

• PC/Windows
• DMS software
• CRM software
• OEM interfaces
• Social media accounts
• Dealership bank accounts
• Other third-party websites or software

Licensing numbers for:

• Microsoft Windows
• Adobe Acrobat
• Antivirus programs

Every time a person is hired, create the checklist and keep it in the employee's file. When the person leaves your company, someone must go through the checklist and delete the user from every account. This will eliminate that employee's ability to log in and view financial data or customer records.

Another way that employees may gain access to your dealership's network is by installing remote access software onto their PCs. This off-the-shelf software, such as logmein or gotomypc, is designed to allow employees to use their home computer to access their work computer so they can work from home.

Unfortunately, this means the employee can use their home computer to access their work computer even if they're no longer employed at your dealership. These remote access software programs run in 'stealth mode,' which means the average user doesn't know they're installed.

The best way to disable remote access software is to use Microsoft Active Directory. Active Directory is a centralized administrative software program that has been used in corporate America for decades. Active Directory keeps every employee in a directory and allows administrative rights to be assigned to each individual.

With Active Directory you can prevent employees from installing any new software of any kind onto their computers, which I highly recommend. When an employee leaves the company and their account is disabled in Active Directory, they will no longer be able to access their former PC or your dealership's network, even if they do have remote access software.

Creating this checklist will greatly reduce the likelihood that a former employee will steal your data. Unfortunately, you may not be able to protect against every kind of theft. I know of one dealer who discovered that a former sales manager was paying the receptionist to feed him leads out of the CRM. This type of 'theft' is harder to protect against.

But most ex-employees are more opportunists than outright thieves. Their attitude is, "Well if they didn't want me in the system, they would have locked me out, right?"

Right. So if you don't want former employees in your system, lock them out.

Insurance is one of those business costs we all hate paying every month, until the day we actually need it. I'm not an insurance expert so I don't know exactly how many policies a typical dealership has. I imagine it's quite a few when you add up the various property, casualty and liability coverages.

But I do know there is one very important insurance that a lot of dealerships don't have and don't realize they desperately need: cyber liability insurance.

Cyber liability insurance covers costs related to a breach of data at your dealership. The likelihood of this occurring is high. In the last 12 months 71% of Small to Mid-Size Businesses (SMBs) reported a security breach, according to a July 2016 report titled IT Security at Small to Mid-Size Businesses (SMBs): 2016 Benchmark Survey. Companies with fewer than 500 employees proved the most vulnerable with a 75% breach rate.

Property insurance may cover physical damage to your hardware, software and networking equipment, and casualty insurance may cover losses of the same due to theft. But neither will cover costs related to loss or theft of your data.

If a hacker gains access to your customer records, the costs to your dealership can be astronomical.

In one dealership I know of, a cybercriminal hacked into their credit bureau and pulled over 200 credit reports, costing the dealership over $150,000.

If your dealership database contains 100,000 customer records and someone gains access to all of those records, the cost could be in the millions. This is based on an average $10 to $30 per customer record breached.

Why so much?

When criminals gain access to your company database, they gain access to sensitive data like social security numbers, credit card numbers and addresses. They then try to use this information to open and access accounts, drain money and destroy individuals' credit.

Your dealership is liable for these types of attacks and the resulting costs, which may include:

Investigations. When a data breach occurs, it's recommended that you notify local law enforcement. This may lead to the FBI getting involved. In some cases the FBI will notify you that a data breach has occurred. If this happens there's a good chance that a computer forensic investigation will be ordered, the costs of which your company must bear. Computer forensic experts charge up to $1,000 per hour and an investigation takes many, many hours.

Business Interruptions. In some cases your business may be ordered to close the doors while the source and impact of the data breach is assessed.

Notifications and Credit Monitoring. In many states, your business is required to notify customers if their Sensitive Personally Identifiable Identification (SPII) have been accessed or acquired. In addition, you may be required to offer free credit monitoring services to every person impacted.

Crisis Management and Public Relations. When a data breach occurs, quick action is important to help restore the public’s confidence. Professional services may be needed to help your business recover from the negative publicity.

Lawsuits. It's likely your dealership will become a target for customer and class-action lawsuits related to the data breach. Also be prepared for possible FTC action for non-compliance with the Gramm-Leach-Bliley (GLB) Act and software copyright laws.

To protect your dealership from the harsh consequences of a data security breach, consider adding cyber liability insurance to your list of policies. You may not think you need it, but if you ever do, you'll be very grateful to have it.

Helion's expertise and scalability of services allows auto group to focus on core business and improve customer experience as it acquires four new dealerships

Timonium, MD – October 17th, 2016-- Helion Automotive Technologies announced today that New England based Balise Auto Group has enjoyed tremendous growth in the past four years, with some help from improvements to its information technology (IT) network. Since outsourcing its IT services to Helion, Balise Auto Group has established new, more efficient processes that have improved the customer experience. Additionally, the 23-store auto group has been able to pursue an expansion strategy that included the acquisition of four dealerships and moving ten of its stores into new facilities.

"Prior to working with Helion, we recognized that technology was changing faster than our ability to keep up with it, and being able to manage the computer system was becoming increasingly important in terms of how we run our business," said Jeb Balise, CEO of Balise Auto Group.

In 2012 Balise Auto Group was poised to take advantage of the economic recovery and ready to expand, but many stores were hampered with productivity problems associated with Internet outages, periodic system downtime and general slowness of PCs and software.

"For every problem we had we would come up with a solution," said Balise. "But the solutions kept getting more expensive and complicated our business model even more, until the point where we were focusing way too much time on computer issues."

Balise asked consultants and colleagues at other auto groups for recommendations, and the name Helion Automotive Technologies was mentioned several times. Soon after, Balise transitioned from an in-house IT staff to a 100 percent outsourced IT solution with Helion.

Helion's certified IT technicians began by reviewing Internet connectivity to see if the stores had enough bandwidth to handle data requirements. In Balise's case, Helion upgraded the majority of stores to fiber optics and ensured resiliency with more than one carrier. This greatly increased overall Internet speeds and eliminated outages.

Additionally, Helion's technicians made improvements and upgrades to the auto group's WiFi networks, software, PCs and other hardware.

"By eliminating bottlenecks the result is we have a much faster and more responsive system," said Balise. "This allowed us to finally focus on developing new processes, such as digital contracting and digital archiving. Before Helion, it was impossible to do this because we didn't have the system performance to take advantage of these features in our DMS."

A significant increase in WiFi capacity has allowed Balise to implement customer-focused processes in sales and service. In the service lanes, additional access points and outdoor antennas allow service advisors to greet customers and perform transactions with mobile tablets.

Wireless antennas also expand WiFi access out to the lots, where salespeople can interact with customers using mobile devices.

"Most of our customers use mobile devices out on the lot, so from our standpoint the sales associates have to be doing the same thing," said Balise. "If a customer calls and asks about a car while the salesperson is out on the lot, that salesperson can instantly pull up the information on their mobile device, instead of having to tell the customer they'll call back after they get back to their desk and look up the information."

Prior to Helion, Balise Auto Group experienced problems with its phone system and processes. Wait times were inconsistent, customers were occasionally routed to the wrong place and many calls were dropped. Helion established a new call flow and made some technical fixes that solved the issues. "We receive a huge volume of calls and not having the ability to handle those properly was a big problem," said Balise. "Helion engineered fixes so our call centers are much more efficient, and nearly eliminated misdirected or dropped calls."

While Balise Auto Group's management and employees focused on improving processes, Balise himself was focused on growth and expansion. Since 2012, Balise has acquired four dealerships and moved 10 of its stores into new facilities. Helion was tasked with setting up all the IT in the new facilities and integrating the networks of the acquired dealerships with Balise Auto Group's existing IT network.

"A real benefit to having Helion was the scalability of their services. They were able to swarm every new project with additional staff," said Balise. "With a fixed IT staff we could not have opened as many new stores or facilities. Our IT staff was kept so busy responding to tickets and keeping the status quo running, it was nearly impossible for them to be proactive."

Last but not least, Balise credits Helion with providing a peace of mind associated with increased security and redundancy. Helion's security services include maintaining and monitoring firewalls, performing software patches and upgrades and email security. "It's nice to be able to sleep at night knowing that the best people are taking care of things," said Balise.

For Balise Auto Group, outsourcing IT to Helion greatly improved system performance on every level. This allowed staff to implement new processes and provide the highest level of service to their customers, all while continuing to grow and expand.

"Since bringing Helion on board we spend a lot less time thinking about computer problems and a lot more time focusing on our core business," said Balise.

For more information contact Helion at 443-541-1500 or visit http://www.heliontechnologies.com.

About Helion Automotive Technologies

Helion...Putting Your Dealership in the FAST LANE! Helion Automotive Technologies is a leading IT solutions provider, providing auto dealers with faster, more efficient networks and secure data protection. From managed services to IT assistance and service desk help, Helion offers both short-term IT fixes and long-term planning so dealers can focus on what matters most: selling more cars. Helion has specialized in IT for more than ten years and works with 650+ auto dealers nationwide. Dealers can request a free assessment of their IT needs at www.heliontechnologies.com.

When you're busy working on your computer, what do you do when you see a little pop-up message notifying you that it's time to download an update? If you're like most people, you click on "Try Again Later," or "Try Tonight." You don't want to be bothered with having to download and install software updates.

But if you ignore those updates for too long, it's like leaving the back door to your dealership open at night. Come on in, thieves! Take whatever you want!

That's because 90% of updates are security patches for software and operating systems (OS). A software program with a security hole in it lets in malware and viruses that can wreak havoc on your entire computer network.

Applying software updates, also known as patching, is one of the most important security measures you can take to protect your dealership. Yet in my experience, 95% of dealerships aren't doing this on a regular basis.

In addition to security, patches add new features or push updates to device drivers. Ignoring these patches not only leaves the software at greater risk to attacks, but also ensures that your software becomes outdated and possibly incompatible with newer devices and software.

In dealerships, you want to regularly patch Microsoft Windows and its related applications such as Microsoft Internet Explorer.

For dealerships, patching can be tricky. Many OEMs and third-party software vendors build their web interfaces around a browser version such as Internet Explorer 10. Microsoft is constantly releasing patches to update Internet Explorer, Windows OS and Office. Over time, if your OEMs and third-party software vendors aren't updating their software interfaces at the same pace as Microsoft, this can eventually cause compatibility problems.

The solution is to check with your OEM and vendors periodically to see what versions of OS and Internet Explorer their software supports. If they aren't the most recent versions, complain!

The only way to deal with this problem is to selectively patch everything except the programs necessary to interface with the software. Then keep hounding your vendors until the necessary updates are done. It's a matter of security and there's really no excuse for vendors who aren't keeping on top of this.

A while ago Microsoft decreed the second Tuesday of every month "Patch Tuesday" because that was the day they officially released all patches. Due to increased security risks, Microsoft has abandoned a weekly schedule and now releases patches whenever they become available.

We recommend that dealers use a centrally managed patching system to control the release of approved patches into the dealership. While Windows has a built-in automatic patch system it can wreak havoc. Although the auto-patching will keep your PC up to date, it will not block patches that can disrupt applications.

Think of patching software like routine maintenance for a car. The car may run for a long time without maintenance, but driving becomes more dangerous the longer you go without replacing worn parts.

Your customers don't want to take the time to bring their car in for maintenance, but they know they it's important so they do it. That's how dealers should think of patching; it may be annoying, but it's absolutely necessary to protect your dealership.

Timonium, MD – September 26th, 2016-- Helion Automotive Technologies, a leading provider of information techology (IT) solutions for auto dealers, announced today that Erik Nachbahr will present at the AICPA National Auto Dealership Conference. In his session Dealership IT: What Matters Now and in the Future, Nachbahr will share the top technology issues that auto dealers should focus on to ensure their infrastructure can support business operations, now and into the future. The session is scheduled for Wednesday, October 5th at 5:00 p.m.

"One area that nobody talks about and that I will touch on is call-flow, which is probably the most overlooked issue in auto dealerships today in terms of its direct impact on revenue," said Erik Nachbahr, President of Helion Automotive Technologies. "Fixing a dealership's call flow is like unearthing a golden nugget; it's a simple concept that delivers immediate and tangible results."

According to CallRevu, an industry-leading call monitoring solution, 31% of incoming sales calls and 20% of incoming service calls never reach an agent. While connected calls that don't convert to appointments can be attributed to phone processes, the calls that never connect can be attributed primarily to a poorly designed call flow, according to Nachbahr.

"When a customer is transferred into a black hole, or their call is bounced around the dealership, or an extension rings more than six times, there is a high probability that customer is going to hang up and never call back," said Nachbahr. "For dealers, that's a huge percentage of customers they're losing due to an issue they've probably given little thought to."

Call flow is a set of rules that define where every call goes, and how and when those calls get routed somewhere else. Call flow answer questions such as: What happens if a customer hits option #1? How many times does the phone ring at the service advisor's desk, and where does the call go after that? What happens if someone direct dials an extension after hours?

Call flow is a critical issue in auto dealerships because connected calls result in a higher percentage of sales and service appointments. In sales, 42% of connected calls result in an appointment, while in Fixed Ops, 59% of connected calls result in an appointment.

In his AICPA session, Nachbahr will reveal the five reasons why call flow in dealerships becomes disrupted. He will also share a five-step process that will instantly improve connected call rates.

The AICPA National Auto Dealership Conference is the only conference geared toward CPAs and financial professionals in the auto industry. Nachbahr's presentation is ideal for CPAs with auto dealer clients and for dealership professionals including owners, general managers, CFOs, CEOs, controllers and auto manufacturer representatives.

The AICPA Auto Conference is being held October 5th, 6th and 7th at the Bellagio Resort and Casino in Las Vegas, NV.

For more information contact Helion at 443-541-1500 or visit http://www.heliontechnologies.com.

About Helion Automotive Technologies

Helion...Putting Your Dealership in the FAST LANE! Helion Automotive Technologies is a leading IT solutions provider, providing auto dealers with faster, more efficient networks and secure data protection. From managed services to IT assistance and service desk help, Helion offers both short-term IT fixes and long-term planning so dealers can focus on what matters most: selling more cars. Helion has specialized in IT for more than ten years and works with 650+ auto dealers nationwide. Dealers can request a free assessment of their IT needs at www.heliontechnologies.com.

In the last 12 months 43% of Small to Mid-Size Businesses (SMBs) experienced a successful phishing attack, according to a July 2016 report titled IT Security at Small to Mid-Size Businesses (SMBs): 2016 Benchmark Survey. Was your dealership one of them? You may believe it won't ever happen to you, but chances are very good that one of your employees will become phish bait in the next year; and if they do, your dealership could lose thousands of dollars.

Phishing attacks appear in the form of emails that appear to come from a legitimate entity or person, such as a bank or online payment processor. The message contains a link that takes the victim to a fraudulent website where the user is prompted to provide login information. The cybercriminals then use that information to access the dealership's real accounts.

In one dealership I know of, an accounting employee received an email that he thought was from the bank. He clicked on the link and logged into a website that looked exactly like the bank's website. Shortly after, the phishers initiated a $450,000 wire transfer from the dealership's real bank. Fortunately the bank flagged the activity as suspicious and stopped the transfer from happening.

Spear phishing takes the scam one step further and targets specific individuals within organizations. In auto dealerships, this may be the controller or someone in the accounting office. The employee receives an email that appears to be from a dealer principal or general manager, with a request and instructions on how to wire money to an account.

This happened in another dealership I know of. An employee in the accounting department received an email from someone who he thought was the dealer asking him to initiate a $30,000 wire transfer. The employee exchanged several emails with the person posing as the dealer before complying with the request. The employee never suspected a thing. It was only discovered later that the email was a scam and unfortunately, there was no way to retrieve the funds.

Whaling is spear phishing taken to yet another level, targeting high-level executives within an organization. These attacks are very sophisticated. Phishers do quite a bit of research on their victims, using social media and other sources of information to gather information on personal history, interests and activities. They also collect names, job titles and email addresses of colleagues, and the information is then used to craft a personal and believable email.

Phishing emails may also appear to come from your email provider, social networks or delivery companies like FedEx. These emails contain links that bring you to fake login pages where they capture email and password information. Cybercriminals bank on the fact that many people use the same email and password for more than one account.

Even dealerships with state-of-the-art firewall and security software are vulnerable to phishing. It's difficult to prevent what appears to be a legitimate email from getting through the defenses.

Don't Get Hooked by Phishers!

To prevent your dealership's employees from becoming phish bait, education and training are key. Following these recommendations will help:

1) Require verbal verification for all wire transfer requests.

2) Never click on links in emails, or reply to emails that request personal information. Phishers often use terms like "urgent action required," "your account will be closed," or "your account has been compromised" to get people to react. If you receive an email like this, don't click on the link in the email. Instead, open up your web browser and manually navigate to what you know is the legitimate website. If you're concerned, call the company and ask to speak to a representative.

3) Change passwords. Don't use the same password for more than one online account. Change all your passwords every 90 days. Never share or give login information to anyone.

4) Keep your social media profiles private and don't accept friend or connection requests from people you don't know.

The good news is that it just takes some basic awareness and caution to avoid getting hooked. Once you know what to look for, it's easy to stop phishers in their tracks.

Timonium, MD – August 22nd, 2016-- Helion Technologies announced today that 75 percent of small businesses have experienced security breaches in the last 12 months, according to a recent survey conducted by Osterman Research. The findings were published in a July 2016 report titled IT Security at Small to Mid-Size Businesses (SMBs): 2016 Benchmark Survey. The results were obtained from organizations ranging in size from 100 to 3,000 employees.

"These findings are similar to what we are seeing in auto dealerships, and unfortunately we are seeing the rates of attack continuing to increase," said Erik Nachbahr, President of Helion Technologies. "Every time a hacker successfully breaches a network and profits from the attempt, 10 more hackers get into the game."

Small businesses, defined as having fewer than 500 employees, were most vulnerable to security attacks as they are less likely to have full-time security experts on staff. Nearly one-third of the survey respondents have two or fewer IT personnel focused solely on security, indicating that smaller companies do not have the expertise necessary to deal with attacks, infections and other problems quickly and efficiently.

"Security doesn't have to be this massive, complicated problem for auto dealers," said Nachbahr. "Prevention is actually pretty inexpensive and easy. What's really costly is when a breach happens. A single incident may result in the loss of hundreds of thousands of dollars. Yet with simple technology precautions as well as employee awareness and training, these incidents can easily be prevented."

According to the survey, the most successful form of security attacks included:

Phishing: 43 percent of SMBs experienced a successful phishing attack. Phishing attacks appear in the form of emails that appear to come from a legitimate entity or person, such as a bank. The message contains a link that takes the victim to a fraudulent website; for example, a website that looks exactly like the bank's website. The user is prompted to provide login information, which is then used by the hackers to access the dealerships' real bank account.

Spear phishing takes the scam one step further and targets specific individuals within organizations. In auto dealerships, typically this is the controller or someone in the accounting office. The employee receives an email that appears to be from a dealer principal or general manager, with a request and instructions on how to wire money to an account. Once the money is wired, there is no way to retrieve it.

Virus or Worm Infection: 36 percent of SMBs experienced these types of attacks, which are computer codes that replicate themselves and spread through a computer network. Viruses and worms are designed to destroy data, use available memory and bring systems to a halt.

Ransomware: 23 percent of SMBs were victims of ransomware, a type of malware that infects computer networks and lies dormant for a period of time. Once activated, ransomware encrypts all files in an organization and the hackers demand a ransom for their release.

The survey also found that for SMBs, overall security-related costs have increased an average of 23 percent in the last 12 months. The increase is likely correlated to the growing number of security threats; for example, in 2015 the number of phishing URLs increased by 55 percent and the total volume of new malware increased by 14 percent.

One of the primary targets in SMBs is data. In auto dealerships there is enormous value in all of the customer records kept in dealership management systems and customer relationship management applications. Stolen login credentials, credit card numbers, social security numbers and account numbers can be used for a variety of purposes; including gaining access to corporate financial accounts, selling credit card numbers on the open market or creating new identities for criminals.

Auto dealership employees can minimize the threat posed by phishing, worms, viruses and ransomware by doing the following:

• Don't click on any links in emails or download documents sent by an unknown party
• If you receive an email from your bank, don't use that link to go to the bank's website. Instead open a new window to navigate to your bank's website. If you have any concerns about the content of the message you received, call your bank
• Require verbal authorization for all email requests to wire or transfer money
• Keep every computers' operating system and other software applications up to date, installing patches and updates regularly
• Use firewall and antivirus software

For more information contact Helion at 443-541-1500 or visit http://www.heliontechnologies.com.

About Helion Automotive Technologies

Helion...Putting Your Dealership in the FAST LANE! Helion Automotive Technologies is a leading IT solutions provider, providing auto dealers with faster, more efficient networks and secure data protection. From managed services to IT assistance and service desk help, Helion offers both short-term IT fixes and long-term planning so dealers can focus on what matters most: selling more cars. Helion has specialized in IT for more than ten years and works with 650+ auto dealers nationwide. Dealers can request a free assessment of their IT needs at www.heliontechnologies.com.

If you're like most people, you probably use your Microsoft Office programs on a daily basis and don't even think about it. But if your dealership purchases software off-the-shelf, there's a fairly good chance you may be a software pirate. Meaning, there's a good chance that someone in your dealership has installed Microsoft Office on six or ten or even dozens of computers, instead of limiting installations to the three or five licenses that came with the package.

This practice is more common than you might think, and it's a very costly one if you get caught. One dealership I know of got caught using unlicensed copies of Microsoft Office on over 300 computers, and had to pay a fine of $1.5 million! Another dealer I know of purchased a small dealership only to be hit with $50,000 in fines because the new store had unlicensed software installed on its computers.

In recent years, the Business Software Alliance (BSA) has really cracked down on small and mid-sized businesses. Large companies are usually more compliant because they can negotiate bulk-price deals with the software publishers, and because they are more likely to address common legal liability issues. But with small and mid-sized businesses, the attitude is often, "Well, who's going to know?"

The answer is: your employees. The Business Software Alliance offers whistle-blowers cash rewards for reporting businesses that use unlicensed software. The vast majority of whistle-blowers are disgruntled employees.

The sad part about getting caught is that many dealerships don't even realize they are out of compliance. Sometimes it's the employees who are making unauthorized copies of a program and distributing it to their co-workers. Or the employees download pirated music and games onto their company PCs, exposing the dealership to legal liability.

However, many times it is the dealers who are knowingly trying to keep costs down by installing a program on more than one workstation. This is a case of being penny-wise and pound-foolish. An attempt to save hundreds of dollars per user in software licenses can end up costing hundreds of thousands of dollars in fines!

Additionally, the Business Software Alliance distributes press releases identifying license violators. If you're concerned about your dealership's reputation, do you really want that information to be online and readily available for sharing on social media and dealer review sites?

In dealerships, the most common software license violations occur with Microsoft Office, Adobe Acrobat and antivirus programs from publishers like Norton and McAfee.

Tips to keep your dealership's software licenses compliant include:

• Buy computers with pre-installed software. When you purchase new PCs, pay a little extra to get a pre-installed version of Office. That way the license is tied to the computer and can't be copied or used elsewhere.

• Publish a software license policy. Adopt a zero-tolerance position on using unlicensed software. It won't help you if you're caught, but it will help to educate your employees, show good faith in the event of an audit and allow you to discipline employees who violate the rules.

• Lock down employee PC permissions. I'm a big fan of Microsoft Active Directory for many reasons, and this is one of them. With centralized administrative controls, you can easily prevent your employees from installing any new (unauthorized) software onto their PCs.

• Use cloud-based software. Google Apps for Work charges $5 per user per month, and offers many of the same features as Microsoft Office. If you choose this option, just be sure your PCs are newer than four years old and your Internet and network switches support a screaming fast connection. Otherwise, your employees will be screaming with frustration.

• Conduct your own audits. Schedule routine examinations of your employees' computers for performance issues and to upgrade software. This is a good time to also perform a software inventory and audit. 

Are you a software pirate and don't even know it? If you're not sure, it may be time to do a review and audit of your software licenses, before the BSA comes knocking on your door to do it for you. Remember, the cost of compliance is infinitely less than being fined.

Imagine that you are applying for a loan at a bank. As you sit there with the loan officer, you notice that she is using a laptop with an American Ninja sticker on the back of it. You laugh and point, "What's that? Is your bank sponsoring that TV show?" The loan officer laughs and shakes her head. "Oh no," she says, "I'm a fan. This is my personal laptop that I bring into work with me."

You would be shocked, wouldn't you? Even outraged. All your sensitive, personal information that is stored in the banking system is being accessed through a personal laptop! You would probably wonder how secure that is.

In case you're wondering, it's not at all secure and you would have a right to be outraged. But of course, you never have to worry about this scenario because it's against banking regulations as well as common sense.

Yet for some reason, some dealerships allow employees to bring personal laptops, tablets and cell phones into work and use them to access the DMS, CRM and other programs where sensitive data for thousands of customers is stored.

This practice is a really bad idea for two primary reasons:

First, the employees could be bringing in viruses. Most people don't have adequate security protection for their personal laptops and tablets they use at home. If one of those devices gets infected, is brought into your dealership and hooked up to your network, there's no stopping it.

Firewalls and anti-virus software are designed to keep bugs out of the network, but if you open the door and literally invite strange devices inside the security perimeter, there's nothing that will stop the virus or malware from spreading.

Second, allowing employees to use their personal devices at work makes it way too easy for them to steal sensitive data and customer information. There's nothing to stop them from downloading files of customer names, phone numbers, security numbers, competitive pricing information, or whatever else they think might be helpful to them--especially if they're considering a job change in the near future.

To prevent this from happening in your dealership, I recommend the following:

Don't allow employees to bring in personal devices!

A personal cell phone is okay as long as they hook up to the guest WiFi network, and not the dealership's primary business WiFi network. And employees should not be able to connect their personal laptops and mobile tablets to the DMS, CRM and other programs. If your employees want to access the CRM with a mobile cell phone app, purchase and issue business-only cell phones for them.

If your dealership is using mobile tablets, purchase the tablets for your employees. The cost is miniscule compared to the thousands of dollars you'll have to pay if you have a data breach or conduct a computer forensic investigation in the event of theft. And if your dealership's IT network is shut down by a ransomware attack for a few days, it could end up costing tens of thousands of dollars.

Use Microsoft Active Directory

For added protection, use Microsoft Active Directory, an off-the-shelf centralized administrative software program. Active Directory allows administrative rights to be assigned to each individual. With Active Directory, you can prevent employees from connecting to your business network using their personal devices.

Another reason to use Active Directory is because you can also prevent employees from installing any new software onto their work computers. Why is this important? Because employees can easily gain remote access to your dealership's network using their personal devices by installing off-the-shelf software such as logmein or gotomypc. This software is installed on a work PC and is designed to allow employees to use their home computer to access their work computer when they work from home.

The problem is, remote access programs typically run in stealth mode so the average user doesn't know it's on the PC. If and when an employee quits, they will still be able to access your dealership network and all its programs using their personal devices from home.

Protecting your company's data and your customer's data is a high priority for every dealer. Allowing personal devices to be brought into the dealership presents a double-threat of employee theft and/or being wiped out by a virus or malware attack.

What do you think? Have you heard of any dealers who suffered consequences from allowing employees to bring in personal devices?

One of the most common frustrations I hear from dealership employees is vendor finger pointing. Have you ever experienced anything like this?

Your inventory management software is not delivering updated information to the DMS. You call the inventory management vendor and they say the problem is with the DMS. You call the DMS vendor and they say the problem is with the inventory management software. Both vendors' tech support people insist they are right. Not only that, but when you get upset, they have the nerve to give you attitude!

You don't care who's right or who's wrong. All you want is for the software to work.

Other than tearing your hair out, what can you do in this situation?

The quickest way to ensure a resolution is to:

1) Call your sales representatives with both companies. Explain the problem and tell them you want to set up a three-way call with yourself and both of them.

2) Ask the sales reps to escalate the situation internally so there will also be a higher tier customer or technical support person on the line during the call.

3) Don't take no for an answer. Your time is valuable and you shouldn't be wasting it on the phone without getting answers.

4) Before the conference call, document the exact problem you are having and take screen shots of any error messages that occur. Email documentation to each sales rep and ask them to forward it to the tech support.

Getting both vendors on the same phone call at the same time should help to expedite a resolution.

Have you ever experienced vendor finger pointing? How did you resolve the problem?