Another area of data vulnerability is internal data stored offsite (i.e. bank accounts, floor plan accounts, tax information, etc.). Many of us have online access to bank accounts and other information that is used in the daily course of business. Each of these sources requires a login and password to access your information, and they should require data encryption/security features of your Internet browser be enabled.
Make sure you have each login and password documented in a secure location, change the passwords from time to time, and DO NOT set your computer to save passwords for easier access. It is more common than you may realize for a key employee to leave and take the password to your bank accounts with them. It is best to login to these external information sources occasionally to assure that you know the current password, so you can change passwords in the event an employee leaves. Not knowing a password can cost you time and money in tax penalties if you file and pay taxes online through the EFTPS (electronic tax payments system) and your state’s online resources. Filing and paying late because you have to track down the login information can cost you as much as a 25 percent penalty with the IRS.
The integrity of your intranet (in-house network) can be compromised by unauthorized software. You should establish a policy and monitor your system regarding ANY software loaded either to your server or to any workstation. Without revisiting the virus, worm, and Trojan horse threat that accompanies unauthorized software, loading unauthorized software can potentially destabilize your intranet causing unnecessary downtime by creating networking, security or hardware related issues. Simply put, it’s your hardware and only software approved and authorized for dealership use should be allowed.
Finally, establish and educate your staff as to the proper use of e-mail. Inappropriate use of e-mail steals employee time, computing resources and can lead to legal issues that you will have to deal with despite the origin. If you provide e-mail access for your staff, you have the right to monitor and enforce standards of use.
Take the time to protect yourself. It doesn’t require malicious intent to create a problem that will cost you time and money.
Preparation is always preferable to reparation.
Vol 5, Issue 7