When it comes to whether or not to spend money regarding Information Technology (IT) and the IT department, the question has been asked many times, and the answer is always the same: YES! Information Technology security could potentially save your business. Spending time on a well thought out Information Technology plan should be a “No-Brainer.”
Here are a few potential areas of interest / consideration:
1. Malware / Ransomware:
Lately these types of attacks have been getting headlines because the latest attack, WannaCry, infected computers on a global scale. Phishing = attacks harass users on a weekly basis, targeting the most vulnerable area in your business; your people. Does your staff know how to recognize and respond to these types of attacks? Just one wrong click could hold your employee’s computer hostage, or allow a hacker access to your customer data. In one case, a parts manager had his computer, including hundreds of his excel spreadsheets, hacked / encrypted from opening one “bad” e-mail attachment. To combat these threats, yearly user training, proper backup, permission and workflow strategies, and remediation policies need to be put into place.
2. Segregation of Networks:
In “flat” networks, everyone including your guests are on the same logical network, or subnet. This allows network traffic to pass between computers, allowing malware a route to spread unchecked throughout your entire network. A guest with an infected laptop could end up infecting all the computers within your dealership or vice versa. To help prevent this, networks should be segmented based on their use using a virtual local area network (VLANs). A basic VLAN would look like:
a. Internal Wi-Fi
b. Guest Wi-Fi, and
c. Hard-Wired Data
If credit card data machines are connected via the Ethernet they should also be segregated on their own VLAN. Depending on the number of credit card transactions this could be a PCI (Payment Card Industry) compliance requirement issue as well.
3. Control / Monitoring of Networks:
The data flowing in and out of your network is the dealerships responsibility. Potential lawsuits from employees and guests illegally downloading music and/or movies is a real threat that’s occurs often. Excessive bandwidth usage and low employee productivity from watching YouTube or Netflix during work is a common problem. Dealership management should come together and decide who and what will be allowed on their network and make it clear to all employees. Software for monitoring network traffic and bandwidth should be installed with at least 30 days of history being retained.
By having well planned Information Technology controls in place you will not only help prevent security incidents, costly legal battles and data breaches, but you will know what to do when one happens. In the end, this will mean more time to do what you do best: Sell Cars.
Call us at 714.672.0022 to see how our professional and technical insights can optimize your business.
Written by James Graham, IT Director
Click HERE to print article.