Notifications & Messages

Jared Hamilton
From: Jared Hamilton
Hey - It’s time to join the thousands of other dealer professionals on DrivingSales. Create an account so you can get full access to the articles, discussions and people that are shaping the future of the automotive industry.
Lisa Plaggemier

Lisa Plaggemier Director, Business Security Office

Exclusive Blog Posts

The secret of effective Japanese human resource management

The secret of effective Japanese human resource management

Human resource management is critical to the success of your business. And it seems that Japanese businesses understand the importance of this most. Be…

5 Ways to Create Employee Engagement at Your Dealership

5 Ways to Create Employee Engagement at Your Dealership

Research shows what you already know: engaged employees are more productive, more loyal, and more profitable. The folks at TINYPulse performed an in-dep…

Organic Listings are More Effective Than Paid Ads

Organic Listings are More Effective Than Paid Ads

  Being in the organic listings doesn't cost you anything. They receive 10 times the traffic that paid advertising does.  It…

Two Things to Consider When Hiring A Candidate for Your BDC

Two Things to Consider When Hiring A Candidate for Your BDC

It is one thing to have a clearly defined job description, and another to actually execute that role. Namely, what is that role, and how does it work withi…

Aim for the Right Service Customers with Data

Aim for the Right Service Customers with Data

The service department at dealerships is mostly passive, not actively seeking out new clients. No one’s going to turn down new customers, but activel…

Four Keys to Protecting Your Business from Risk

You’ve built a successful business. Now how do you get your employees to care as much about protecting it as you do?

People are your greatest asset, but some days they can feel like your greatest liability. Humans are fallible, and even the best ones make mistakes. There are only a few bad apples out there that come to work to do harm, not good. So how do you keep well-intentioned people from making mistakes, and let the potential rogue employee know you are not going to let them get away with damaging what you’ve built?

The key is the culture you foster in your business. Company culture sounds like a touchy-feely thing that you can’t control, but more of it rests with you and your leadership than you might realize. As Peter Drucker said, “Culture eats strategy for breakfast.” It’s a powerful tool in running your organization successfully.

Before you can start building a culture that values securing your business and avoiding risky business, you need a foundation to build on. These are the first steps. (Part Two, Building a Culture of Security, my next post, is coming soon!)

1. Open and Honest Accountability

Holding people accountable for their actions doesn’t have to be punitive, but if you don’t have accountability, you will have a culture of chaos. It also doesn’t mean you fire everyone who makes a mistake -- otherwise your employees will simply hide their mistakes. Foster an atmosphere where people own their ”stuff” and everyone learns from mistakes. You still want people to take risks and innovate, but when people don’t follow company policy or process, put the company at risk, or just make a bad business decision, you need to acknowledge and respond appropriately. In my line of work, that could be anything from a friendly “oops!” message to an employee who clicks on a phishing email, to a disciplinary conversation with an employee who breaks a security policy. And when incidents bring insights, generously share with others as a “teaching moment.” Your goal is not to embarrass those involved but instead reframe their mistakes in order to help others learn and avoid the same pitfalls in the future.

2. Just Enough Policy

Do you have written company policies that your employees must acknowledge every year?

Create policies that cover the basics like how we all treat each other (policies regarding discrimination, harassment, etc), how we all behave (ethics, code of conduct, anti-bribery, corruption, workplace violence, etc.), how we remain in compliance (legal, regulatory, and contractual) and how we maintain security (data privacy and security, password practices, network security, access controls, etc.). Take advantage of resources that can help guide your policy creation, like NADA, the FTC, your insurance company, and of course your legal counsel.

3. Just Enough Process

While you don’t want to stifle innovation, a culture without some process is one of organizational immaturity. Errors become commonplace, and even worse, breed inefficiency. Document your processes so that everyone knows “how we do things around here.” Once you’ve documented your processes, it makes it much easier to teach others through training, and more importantly, without it, you can’t do No. 1 – hold people accountable. In the world of security, process includes things like having every potential new vendor complete a security assessment as a part of your procurement process, doing background checks on job applicants, or having a system to track software licenses in use at your company.

4. Influence Human Behavior

Your policies and processes may be complete, but how well do people’s behaviors reflect what is in them? Reading a policy or a process does not mean people change their behavior. It’s essential to continually reinforce the desired human behavior through incentives, disincentives and marketing. The first two – rewarding desired behaviors and creating negative consequences for undesirable behaviors - are pretty straight forward and can be reinforced by pay plans and HR. The third – marketing - is a lot more fun. Security can be a dry topic, so if you can make the topic engaging you’re more likely to create the desired behaviors. Marketing security messages is no easy feat – stay tuned for my next blog that will dig more into this topic, and even make it fun.

Start with these foundational steps, and watch for my next post, “How to Get People to Care About Security As Much As You Do." 

 Unlock all of the community & features  Join Now