Over the past few months, dealerships across the country have been in a new era of increased cybersecurity with new safeguards from the FTC, and the requirements to implement new policies and procedures aimed at better securing dealership and customer data.
Amongst Proton customers, those who are choosing to embrace stronger security protocols (even if it means process changes) are seeing significantly higher employee engagement with training and implementation when it comes to their new compliance and security programs. Proactive and transparent communication along with more comprehensive security training for employees has been vital in creating awareness around current cyberattacks, like phishing emails.
While it’s completely understandable that change is difficult – especially if you’ve been doing something the same way for years – it’s important to make the right decisions for your customers and employees. Cyber criminals won’t wait on your security readiness, so it’s best to embrace the change in the short-term for better long-term results.
Here are some tips and tricks to help you on your continued journey in staying compliant and secure:
- Utilize a password manager, do not store passwords in your browser. There are many free options out there, such as: KeePass or NordPass.
- Strictly use the dealership email domain for business purposes. Do not set up personal accounts or conduct personal business – like checking your bank account – on the dealerships’ domain.
- Set up email banners to flag external emails. This will help raise suspicion if an internal email address were spoofed in a real phishing attack.
- Formally document processes to help define expectations and ease accountability. Writing it down makes it real and easy to refer back to.
- Offer regular and up-to-date security training to your staff. Many compliance providers offer this as part of their services.
Creating a cultural change can be hard to do, and gaining widespread acceptance can take time. But clearly communicating with your teams and ensuring a strong enforcement and documentation strategy will ensure not only better security for your information, but also an empowered team behind you as well.