F&I and Showroom, March 2020
www fi magazine com 26 F I and Showroom March 2020 O On any given day the typical retail automotive F I office receives upwards of 1000 pieces of sensitive customer data including bank account numbers credit or other financial records mortgage records tax documents wire transfer receipts Social Security numbers and photos of drivers licenses But one little gap in the dealerships IT security system can put those valuable records at risk exposing the company to a data breach You may be asking yourself How pervasive are data breaches The answer is Very pervasive The fact is data breaches are on the rise across all industries and as weve seen from breaches like Experian and Target all companies regardless of size can be targeted According to a 2018 report by tech firm Cisco Systems the number one provider of servers worldwide 53 of midmarket businesses say that they have suffered a cyber breach at a cost of 1 25 million The Ponemon Institute a Michigan based research group found that in 2018 67 of small to medium sized businesses had suffered an attack The FBIs Internet Crime Report found that more than 350000 cyberattacks had occurred in 2018 costing over 27 billion More recently 3800 publicly disclosed data breaches occurred in the first six months of 2019 exposing up to 41 billion records So what can you do to be prepared Start with education and staying up to date with the most common methods used to gain access to a companys systems EDUCATION According to cybersecurity firm Proofpoint more than 99 of cyber attacks rely on human interaction such as opening a file following a link or opening a document The most common types of attacks include Malware A program that is covertly placed onto a computer or electronic device with the intent to compromise the confidentiality integrity or availability of data Phishing A technique that attempts to acquire sensitive data with the perpetrator posing as a legitimate business or person Ransomware A type of malware that attempts to deny access to a users data and encrypts that data until a ransom is paid Distributed Denial of Service DDoS Attack A high volume of unwanted traffic that ends up exhausting the bandwidth as well as the resources of a companys systems rendering them unable to respond to any more requests SQL Injection Attack By injecting a malicious inquiry the attacker can see into the database as well as modify the data run any administrative command and even wipe out the entire database Man in the Middle MITM Attack Attackers compromise a network and insert themselves between a client and a server such as a WiFi network and the attached devices Something as simple as opening a suspicious email or clicking a link can open the door to a vicious attack So educate your team on these attacks and how they can help prevent a data breach from happening This includes implementing new processes and safeguards to protect your data PREVENTION To start the process of ensuring data security and applying safeguards we recommend starting with a simple acronym to ensure your business is checking all the boxes ADRIFT Assess security risk across all access points and partners Document information security program procedures Regularly review foreseeable risks BY MAURICE HAMILTON DIGITAL GETTYIMAGES COM HENRIK5000 Data breaches are on the rise across all industries So what can you do to be prepared Start with education and staying up to date with the most common methods used to gain access to a companys systems DIGITAL SECURITY IN 3 EASY STEPS
You must have JavaScript enabled to view digital editions.