IDS 2023 RV Industry Trends Report

If you want to improve dealership security, focus on the three main ways that hackers hack, along with a fourth best practice that relates to common attack methods like phishing. DEALERSHIP CYBERSECURITY BEST PRACTICES

1. Mitigate social engineering

Train yourself and your employees on what social engineering looks like. Tools from companies like KnowBe4 can be used to practice spotting fake emails, for example. Some warning signs of potential social engineering attempts include unusual, urgent messages, as well as errors like spelling mistakes. It can get tricky, but it’s generally better to be skeptical about clicking on links and downloading files, even if that means taking a little bit more time to verify the information. For example, you might encourage staff to call you directly if they supposedly get an email or text from you asking them to quickly send over sensitive information to close a deal. Likewise, if someone gets a message allegedly from a company like FedEx or UPS about a delivery, don’t always take that at face value. Call or visit the real company’s website directly (rather than clicking email or text links) to verify the request.

2. Patch internet-accessible software

Another straightforward step to improve dealership security is to keep up with patching internet- accessible software. The good news is that your device will generally tell you when something needs to be updated or will do so automatically. For example, if you have an iPhone, you can enable automatic app updates or go into the App Store to do so manually. But never let a website tell you to patch and take that at face value, warns Grimes. That, or another type of message like in an email, could be a trick. But if your computer itself tells you to patch something like your Windows or Mac operating system, do so, he says.

3. Use MFA/non-guessable passwords

When possible, use multi-factor authentication (MFA) to add another security layer to your login credentials. That could involve steps like receiving a login verification code via text, though keep in mind that you only want to use the code for its intended purpose, rather than accidentally sharing that code with a hacker. Not all sites and systems offer MFA yet, but it’s becoming more prevalent. Even with MFA, it’s important to use strong, unique passwords. Password management tools can help you create random passwords that are hard to crack. Be sure to do your research on any password management tool though to make sure you’re not creating additional risk by storing your passwords there.

20

Powered by