F&I and Showroom, February 2015
Technology and that includes operating systems Windows XP is sunsetted and I bet you a good amount of dealers are running XP in some capacity Petcou says Nuspire uses a segmentation strategy that separates users from the network for example operating a Wi Fi network independent of the dealerships computer network thus preventing access to personal and fi nancial data People only get access for what they need You have to be cognizant of what type of access youre giving When in doubt we block everything he says noting that dealers have been slow to react to newer data security risks Most owners of dealerships have been in the industry for so long and most dealerships have been handed down from generation to generation so that current owner just remembers a lot of that history and injecting a lot of this technology is completely new to them Nuspire has been working with the auto industry for more than a decade It initially worked with auto OEMs and their service providers on data security issues before moving to the dealership level And based on his years of observation Petcou believes the service bay has been the biggest driver of technology adoption at dealerships The wrench and the hammer are no longer tools its the computer that connects wirelessly to an access point so they can fl ash a cars computer or do their warranty claims all in the service bay he says The diagnostic tools have really driven technology Regulatory Pressure Today its the Internet customer thats forcing dealers to improve their ability to collect and store personal digital data And as adoption of tools that allow them to do that 18 F I and Showroom February 2015 Based in Commerce Mich Nuspires Security Operations Center uses the NuSecure Gateway Security Service to provide real time remote monitoring reporting and incident management increases there has been a corresponding increase in data security regulations and oversight In August 2013 the National Automobile Dealers Association NADA s legal and regulatory affairs department issued a 14 page guidance memo to its dealer members about securing access to transaction data stored in the typical dealer management system DMS The memo was released nine days after the Federal Trade Commission warned big data collectors that it would use all tools at its disposal to protect consumer privacy Offi cials with the NADA said at the time that the release of the memo was unrelated to the FTCs announcement noting that it was part of the associations ongoing effort to promote compliance We had frustrated calls from dealers ranging from Jeez various factories are jamming clauses in there take it or leave it or click through agreements and there seems to be somewhat of a feeling that they are losing control of their intellectual property NADA President Peter Welch said at the time The NADAs memo warned members that the FTC may consider any third party access to nonpublic personal information to be sharing even if the dealers vendor never actually accessed the data It included a checklist dealers can use to police vendor access to their data and warned members they could run afoul of the Gramm Leach Bliley GLB Acts Safeguards Rule and Privacy Rule if they provide NPPI to vendors and even manufacturers In June 2012 the FTC targeted a Georgia auto dealer for GLB Act violations after an employee downloaded consumer data fi les onto a fl ash drive and loaded them onto his personal computer which contained peer to peer fi le sharing software The dealer was required to establish and maintain a comprehensive information security program and undergo data security audits by independent auditors every other year for 20 years as part of his settlement with the federal agency Tim Gallagher a senior security analytics team leader at Nuspire says the companys analysts examine network logs and compare them with their worldwide network of data security points for comparison We collect about a billion logs a day says Gallagher who has managed projects for the U S Air Force Saylor S l F Frase l launched h d Nuspire in 1999 on the premise that fi rms would require secure network services the more they used the Internet to transport data
You must have JavaScript enabled to view digital editions.
