A booming economy, but definitely no news to celebrate here: according to the World Economic Forum (WEF), cybercrime has grown to become the world’s third-largest economy after the US and China. Cybersecurity Ventures estimates a global cost of 8 trillion USD in 2023 only, which makes it evident that cybersecurity should be a top concern for any digital company and for anyone doing business online.
According to the 2023 Verizon Data Breach Investigations Report, 74% of all breaches include the human element. The three primary ways in which attackers access an organisation are stolen credentials, phishing and exploitation of vulnerabilities. It’s of paramount importance that companies upgrade their security protocols so as to ensure that customer data is safely stored and maintained.
This can be achieved at infrastructure level, of course, but also by raising awareness and encouraging responsible behaviour throughout the organisation. Here are five steps to ensure improved cybersecurity at the dealership.
1. Strong passwords
The first rule any digital user should observe is to create strong passwords when setting up their credentials. As the name suggests, a strong password is designed to be hard for a person to guess or a software to decipher, thus avoiding unauthorised access to sensitive data.
While people tend to choose memorable passwords using common words, a strong password is typically longer and features a mix of alphanumeric characters, special characters as well as uppercase and lowercase letters. A couple of common but useful tricks to set a safe password are to replace letters with numbers with a similar visual output (for example, ‘E’ with ‘3’), or to have a passphrase turned into a password by using its initials.
2. Advanced authentication methods
A further layer of security can be added by means of a multi-factor authentication process. While simple authentication only requires one piece of evidence to prove the user’s identity (username and password), an additional piece of information – which could be a PIN, a dynamic authentication token, a confirmation code generated on a secondary device or even a biometric pattern such as your fingerprint – must be provided in a multi-factor environment.
The most common technique is 2FA (two-factor authentication), which is also the one MotorK has recently implemented in its WebSparK solutions: dealers using WebSparK can, in fact, upgrade the safety of their WordPress websites by setting up a more advanced login rule which requires internal users to enter a code either generated by an authentication app (e.g. Google Authenticator, Microsoft Authenticator) or shared via email after the usual username and password.
3. Data usage assessment
Even in a safe digital environment, data should be collected in a sensible way, by establishing a process to assess needs and attributions. To avoid breaches or data loss, the first question you should ask yourself is ‘do I need to collect such data?’. And even when the answer is ‘yes’, it doesn’t mean that client information should be made available in all systems.
If OEMs and dealer groups often have specialised roles for data management and a set of clear rules in place in this regard, such best practices can and should also be adopted by smaller organisations. To begin with, it’s important to map internal and external information flows to detect potential vulnerabilities. Smarter data management is the first step to reduce opportunities for incidents.
4. Data storage
Data storage is an essential aspect in the strategy of any organisation, small or large, to ensure that important customer information is kept organised and, most importantly, secure.
Today, there are lots of storage solutions available on the market but cloud-based ones, often offered as a subscription service, have rapidly gained popularity for various reasons: above all, easy accessibility paired with regulatory compliance, advanced threat detection and better data security.
5. Access management
While you map your data needs and information flows, you should also focus on defining data permissions within the organisation. One of the most common mistakes is to assume that everybody should have access to everything: instead, to reduce exposure to security threats, it’s essential to grant access only to those who will effectively use customer data to the benefit of the business. As an additional bonus, your data will likely stay cleaner and better organised.
As a step forward in delivering the company’s vision to be the most trusted technology partner for mobility distribution and provide dealers and car manufacturers with reliable tools which can ensure the safety and confidentiality of client information, MotorK is committed to top security standards for its products. This cannot be overlooked in a scenario where an omnichannel purchase journey has become the standard and the customer experience is more and more built online.
Unfortunately for us, cybersecurity is not a one-off job, but rather an ongoing pledge of the entire organisation: but we should also have confidence in the fact that being aware of the risks and relying on a few simple tricks to mitigate them can significantly enhance the quality of our work and the level of service we provide to our customers. It’s like building a defensive fortification, which can only be stronger when a committed team is manning it.
If you are interested in knowing more about the new security features of your WebSparK solution, please do not hesitate to reach out to your MotorK contact; if you are not a current WebSparK user and would like to discover the MotorK solution for your online showroom, feel free to send us a contact request.