Cybersecurity For Your Auto Repair Business - Tire Review Magazine

Cybersecurity For Your Auto Repair Business

Password: fluffy1234. One of our clients asked us to use this for setting up his email, telling us it was the name of his wife’s cat. “Admin” was another client’s request for a username, and he wanted his password to be 1234. Nope! No way, no how! We vigorously refuse to put unsecure passwords in place. “But they’re hard to remember, I have so many of them,” said one business owner. “I just keep them all the same, it makes it easier to keep it all straight,” said another. And that makes it easier for thieves to make life a living nightmare. And if they aren’t thieves, they are, at the very least, vandals.

Real Threats

Consider this a warning shot across your business bow. There are plenty of people out there gunning for weaknesses in website passwords, email passwords and databases with information of value – names, addresses, phone numbers, email and credit card information. How secure are you and your business?cybersecurity

Threats to your cybersecurity are all too real. If you haven’t been impacted by identity theft, hacked emails and websites or data breaches, consider yourself lucky. To protect yourself – and your business – from cybersecurity threats, you need a plan. Here are nine things you need to address:

1. Policies and training: Set up rules and policies to protect your business. Have systems in place, then train employees and set up consequences for non-compliance.

2. Passwords: Strong passwords need to be set up. Here’s a free source for the creation of a highly encrypted password: http://passwordsgenerator.net/. Some policies to follow include:

Don’t use the same password across multiple accounts.

Passwords should be at least 15 to 20 characters long and include numbers, upper and lower case letters, and symbols.
Don’t use family names, initials, pets, birthdates, addresses, towns or full words in general, phone numbers or mathematical sequences as passwords.

Do not permit your browser or FTP client programs to save your passwords. Any password saved in this manner can easily be discovered with a single click using some programming script.

Do not access important, password-protected accounts from public computers or someone else’s computer.

Change your passwords regularly. Monthly is best, quarterly at the very least.

Keep passwords straight using phone apps or an online password management system. PC Magazine suggests the following: KeePass (free, download to your computer), keepass.com; LastPass (free, cloud-based), lastpass.com; RoboForm Desktop 7 (for one PC), or RoboForm Everywhere 7 (multiple PCs) (from $29.95) roboform.com. Alternatively, save your passwords as plain text, then encrypt them with AES Crypt or AxCrypt.

When employees leave the company, change all passwords that person was familiar with.

3. Virus/malware protection: Your computers must have the latest virus and malware protection installed and operating. It must be updated regularly, then have a full scan run after each update.

4. Firewall: A firewall should be set up for your company’s Internet connection. Talk with an IT professional about what that entails.

Firewalls protect your private network data from being breached by outsiders.

5. Mobile device protocol: Mobile devices used by your team can pose significant threats. They may contain confidential information and are frequently used to access company networks. Password protect these devices, and have security apps installed. Encrypt all important data. Devices connecting to public networks at coffee shops, libraries, schools, etc., are particularly vulnerable to attack.

6. Back up data: Nothing is sacred. Back up your data regularly. Email, documents, spreadsheets, databases, accounting files, HR files, etc., are irreplaceable and should be backed up regularly, preferably automatically. Services like Carbonite or Barracuda are great for this purpose. If you make your own backups, put them on two external drives and keep them in a safe deposit box. Alternate these drives with each backup.

7. Wi-Fi: Secure your company Wi-Fi account with a highly encrypted password, which will help block outsiders from getting into your company network. If you offer a public access point for customers to use, make it separate from your business network.

8. Credit card processing: Work closely with whatever service you use to process credit cards and make sure you’re using the most trusted, validated and anti-fraud system possible. Use an isolated computer for these transactions, not one used for going online.

9. Give limited access: Give access to employees only on a need-to-know basis, only for the processes they use. No person other than the owner should have access to all this information. We call this having the “keys to the castle.” Give these keys to a trusted attorney who’s in charge of the owner’s estate should something happen, with strict instructions that these be given out ASAP to a specific person in the event of the owner’s demise.

Not So Hard

Sure, it’s hard to do all this, but it’s much harder to fix a data breach, undo the damage done by hackers and apologize to customers for their personal information being stolen. Set a goal to get this done before the end of the year.

You May Also Like

Tire Industry Labor Shortage: Improve This to Keep Employees

I’ve spoken to many representatives from manufacturers, wholesalers and retailers who report that techs, counter people, drivers and even white-collar team members have walked off the job, failed to report, or given notice, and their businesses have been impacted by these departures. This isn’t just a tire industry issue—and goes beyond the tech shortage that

Tire Industry-Labor Shortage-Great-Resignation

I’ve spoken to many representatives from manufacturers, wholesalers and retailers who report that techs, counter people, drivers and even white-collar team members have walked off the job, failed to report, or given notice, and their businesses have been impacted by these departures. This isn’t just a tire industry issue—and goes beyond the tech shortage that has plagued the industry for decades.

Consider Software Solutions to Streamline Operations

Representatives from several software providers share how solutions drive efficiency and profitability, as well as what to look for when considering a system in your shop.

software-solutions-stock
How Data, Analytics Can Boost Profitability for Tire Retailers

By collecting and analyzing data about a dealer’s sales history, inventory levels and market demand, data and analytics platforms can analyze the performance of each dealer’s store and recommend actionable improvement opportunities.

How to Start the PPP Loan Payback Process

For many PPP loan recipients, it is time to start the repayment process—or file for PPP loan forgiveness. Read on to find out which portion of your loan may be forgivable and how to apply for forgiveness, as well as how to start the repayment process.

Creating a Positive Work Environment

Larry Sutton of RNR Tire Express shares seven different practices that have helped him create a positive work environment.

Other Posts

Using Data to Enrich the Customer Experience

Attaching data or a number to a vehicle’s service record adds a level of transparency to the discussion, and moves it from an “opinionated upsell” to a true, fact-based service need.

Coats Tread Depth Data
Microlearning Makes the Tire Industry Smarter, More Profitable

Microlearning modules can be customized to company and team member needs, where participants can learn through their own experiences and at their own pace.

Setting Up for Success: The Importance of Onboarding New Employees

Onboarding serves to not only give a new employee practical information that they will need in the job, but having that information gives them confidence as they start out in their new position.

employee-onboarding
Online Reputation Management

Eighty-eight percent of consumers trust online reviews as much as they trust personal recommendations.

Online-Business-Management