For any business owner, keeping your dealership secure is vital. You need to do all you can to protect your records, marketing data, legal documents, and cash, as well as your employees. You lock your doors and create security policies, but do you practice the same vigilance with your digital doors and policies?
Securing your digital devices and networks against hacks, viruses, and malware, should always be treated as a critical need for your company. Here are ten ways to secure your computers and computer networks. Think of it as a checklist you can discuss with your IT consultant or IT staff member.
1. Use a Firewall
Windows OS comes with its own firewall so at a minimum all you need to do is turn it on. Alternatively, you can purchase and install a third party firewall program. A firewall filters what gets into and what leaves your computer system. Remember to update the firewall often, or if possible, you can turn on auto-update. If you have a large dealership or group, make sure the firewall you use is sufficient for your needs. Check with your IT consultant or staff member and ask them to prove to you that what you have works and meets your needs. According to the SANS Institute Internet Storm Center, a typical unprotected PC will come under attack within 20 minutes after being connected to the Internet.
2. Install an antivirus/antimalware solution, and keep it up-to-date
New worms, viruses, and other forms of malware are being created daily; you need to stop them right at the door. According to a Microsoft report via ZDnet.com, more than six of every 100 systems worldwide encountered a deceptive download that contained malicious software in the fourth quarter of 2013. Stay vigilant and as with your firewall, turn on auto-update so that your software is kept up-to-date with the latest threat lists and upgrades.
3. Update your Operating System regularly
Mac OS, Windows OS, and any practically any OS needs to be updated often if they are to remain secure from hacks and malware attacks. Again, turn on auto-update and make sure that your IT consultant or staff member can prove they have all your operating systems and software on an automatic update schedule.
4. Update your software regularly
“Software” here refers to every program that is running on your system. A program such as Windows Internet Explorer, for example, appears on many computers and hackers know it. But Windows IE is also dangerously vulnerable to attacks. According to the 2013 Volume 16 of the Microsoft Security Intelligence Report (SIR), the majority of the examined vulnerabilities only showed signs of being exploited after a security update had been made available. Regularly installing updates can help minimize this risk.
5. Create an email policy and never open suspicious email… even if it is from a trusted friend
If you don’t have an email policy for your staff, make one. Tell them that even if an email asks them for passwords and usernames; delete it. If it comes with an attachment or links to click, do NOT open the attachment or click the link unless you KNOW the source is valid. If it is a friend, check with them. If it is from a respected business, mouse over the link, and check the source URL. If it is not from that URL, delete the message. In January 2013, the APWG Phishing Activity Trends Report states over 46,000 unique phishing sites were detected and over 28,000 e-mail campaigns were received by APWG consumers alone.
6. Completely erase hard drives before throwing them away
Office copiers and data drives presumed to be dead are a goldmine for data thieves; before you throw that hard drive away, ensure that all data on it has been properly erased. Just deleting is not enough. Data destruction software is best and often free.
7. Create a social media policy
Social media and e-mails are often targeted by hackers. In fact, most information is now leaving your premise via email, Twitter, or Facebook. An effective policy assumes that nothing stays private on the Internet. If you have content that must be kept private, it should never get onto the Internet. Again, make sure you discuss this with IT to know how they are handling your needs.
8. Use passwords and ensure that they are strong enough to not be easily hacked
You cannot underestimate the significance of strong passwords in computer systems security. It is much more difficult to break into a computer that is locked with a strong password than one without a password or a simple one such as “123”. A strong password consists of letters, numbers, and special characters arranged randomly or in a manner that is hard to guess or decipher. An easy trick for passwords is to write a 12 word sentence and pick the first or last letter of each word and then switch out numbers for letters and use punctuation. Voila; a great password.
9. Encrypt wireless networks
Wireless networks are a great convenience, but without encryption they are open to anyone within proximity – including hackers. Higher number encryptions (as you move closer to 152-bit) are stronger and therefore more secure because they use a very long password to access the network. WEP is also far less secure than WPA or WPA2 and can be easily broken in under a minute. Find out what your IT consultant or staff member uses.
10. Back-up your data… and I mean it!
Round off your efforts by backing up critical data on a regular basis. You never know what awaits you. It may be a hacker attack, a virus, or a system crash that wipes your memory disks clean. You never want to be in the position where you have to say “I should have backed-up my data, but…” Do it and do it often, and make sure it is a policy across your business network.
While these solutions do not guarantee absolute security, they are a great start. These ten security measures will bring safety against viral attacks to your dealership. Now work with your IT consultant or staff to find out what they have in place for you.