Q: Is my dealership at risk for a data breach?
A: According to the Identity Theft Resource Center, a record 1,093 data breaches occurred in 2016—a 40 percent increase over the previous year. Other statistics suggest data breaches are becoming increasingly common, with business and healthcare sectors targeted most often.
Identifying your vulnerable information
The first step in securing your sensitive and valuable data is to identify what information you’re storing and how it might be compromised. Your business probably maintains a large amount of information related to your employees, operations, and customers. A portion of it is likely worth more money to criminal hackers.
Some examples of sensitive information include employee Social Security numbers, W2 tax information, bank account information, and customer credit card transactions. Most states have enacted legislation requiring businesses to notify individuals of data breaches involving personally identifiable information. Make sure you’re aware of the security breach notification laws your business is subject to.
The good news is that you can plan and prepare. As you develop and assess your business’s data assets and procedures, consider the following data security measures:
▶ Collect and store only necessary personal and confidential information.
▶ Implement user access firewalls to protect sensitive information.
▶ Establish a formal sensitive data disposal policy.
▶ Create and regularly update system backups.
▶ Train all personnel with system access on data breach techniques, such as phishing scams.
▶ Require strong user passwords and update them regularly.
▶ Install antivirus software protection and keep it up-to-date.
▶ Create a data breach response plan—identify an incident response team, establish a call tree, and determine which data assets are the most critical and should be secured first.
While this is not a comprehensive list, it should help you get started. Analyzing your exposures can help protect your business from a costly data breach.