Cybersecurity For Your Auto Repair Business -

Cybersecurity For Your Auto Repair Business

cybPassword: fluffy1234. One of our clients asked us to use this for setting up his email, telling us it was the name of his wife’s cat. “Admin” was another client’s request for a username, and he wanted his password to be 1234. Nope! No way, no how! We vigorously refuse to put unsecure passwords in place. “But they’re hard to remember, I have so many of them,” said one business owner. “I just keep them all the same, it makes it easier to keep it all straight,” said another. And that makes it easier for thieves to make life a living nightmare. And if they aren’t thieves, they are, at the very least, vandals.

Real Threats 
Consider this a warning shot across your business bow. There are plenty of people out there gunning for weaknesses in website passwords, email passwords and databases with information of value – names, addresses, phone numbers, email and credit card information. How secure are you and your business?

Threats to your cybersecurity are all too real. If you haven’t been impacted by identity theft, hacked emails and websites or data breaches, consider yourself lucky. To protect yourself – and your business – from cybersecurity threats, you need a plan. Here are nine things you need to address:

1. Policies and training: Set up rules and policies to protect your business. Have systems in place, then train employees and set up consequences for non-compliance.

2. Passwords: Strong passwords need to be set up. Here’s a free source for the creation of a highly encrypted password: http://passwordsgenerator.net/. Some policies to follow include:

  • Don’t use the same password across multiple accounts.
  • Passwords should be at least 15 to 20 characters long and include numbers, upper and lower case letters, and symbols.
  • Don’t use family names, initials, pets, birthdates, addresses, towns or full words in general, phone numbers or mathematical sequences as passwords.
  • Do not permit your browser or FTP client programs to save your passwords. Any password saved in this manner can easily be discovered with a single click using some programming script.
  • Do not access important, password-protected accounts from public computers or someone else’s computer.
  • Change your passwords regularly. Monthly is best, quarterly at the very least.
  • Keep passwords straight using phone apps or an online password management system. PC Magazine suggests the following: KeePass (free, download to your computer),www.keepass.com; LastPass (free, cloud-based), www.lastpass.com; RoboForm Desktop 7 (for one PC), or RoboForm Everywhere 7 (multiple PCs) (from $29.95) www.roboform.com. Alternatively, save your passwords as plain text, then encrypt them with AES Crypt or AxCrypt.
  • When employees leave the company, change all passwords that person was familiar with.

3. Virus/malware protection: Your computers must have the latest virus and malware protection installed and operating. It must be updated regularly, then have a full scan run after each update.

4. Firewall: A firewall should be set up for your company’s Internet connection. Talk with an IT professional about what that entails.
Firewalls protect your private network data from being breached by outsiders.

5. Mobile device protocol: Mobile devices used by your team can pose significant threats. They may contain confidential information and are frequently used to access company networks. Password protect these devices, and have security apps installed. Encrypt all important data. Devices connecting to public networks at coffee shops, libraries, schools, etc., are particularly vulnerable to attack.

6. Back up data: Nothing is sacred. Back up your data regularly.  Email, documents, spreadsheets, databases, accounting files, HR files, etc., are irreplaceable and should be backed up regularly, preferably automatically. Services like Carbonite or Barracuda are great for this purpose. If you make your own backups, put them on two external drives and keep them in a safe deposit box. Alternate these drives with each backup.

7. Wi-Fi: Secure your company Wi-Fi account with a highly encrypted password, which will help block outsiders from getting into your company network. If you offer a public access point for customers to use, make it separate from your business network.

8. Credit card processing: Work closely with whatever service you use to process credit cards and make sure you’re using the most trusted, validated and anti-fraud system possible. Use an isolated computer for these transactions, not one used for going online.

9. Give limited access: Give access to employees only on a need-to-know basis, only for the processes they use. No person other than the owner should have access to all this information. We call this having the “keys to the castle.” Give these keys to a trusted attorney who’s in charge of the owner’s estate should something happen, with strict instructions that these be given out ASAP to a specific person in the event of the owner’s demise.

Not So Hard

Sure, it’s hard to do all this, but it’s much harder to fix a data breach, undo the damage done by hackers and apologize to customers for their personal information being stolen. Set a goal to get this done before the end of the year.

BSB Contributing Editor Mark Claypool has more than 30 years of experience in the fields of workforce development, apprenticeships, marketing and Web presence management with SkillsUSA, the
I-CAR Education Foundation, Mentors at Work, VeriFacts Automotive and the NABC. He is the CEO of Optima Automotive (www.optimaautomotive.com), which provides website design, SEO services and social media management services.

Article courtesy of BodyShop Business.

You May Also Like

Shop Equipment ROI – Tooled for Profit

Understanding how to calculate ROI can help your purchasing decisions.

I’m not a financial scholar by any means, but I know what return on investment (ROI) is. It’s a mathematical formula that yields a representation of the profitability of any type of investment. In the automotive repair industry, we primarily associate this with equipment. Admittedly, I’ve never used the term much, more often approaching things from the standpoint, “Am I making money with this or not?” As technicians and shops, our typical thought process centers on each individual job, how much time and money we have into it, so we’re used to thinking profit or loss, and also pretty good at knowing if we made money, or if we lost our “back quarters.”But over time I’ve learned that the thought process alone is not always the best approach, and making money doesn’t necessarily mean a good ROI. Even if you don’t go crazy with an exponentially long, complicated equation, if you understand the basic idea and process of calculating ROI, it can help you make good purchasing decisions. The base calculation would be dividing your net profits by the cost of the equipment. That’s your ROI. Then, if you want to take it further, you can divide that number to get a time-based ROI average.Let’s look at a basic calculation. You buy something for $10, then sell it for $14. Your profit is $4. Divide profit by investment, ($4/$10) and you get an ROI of 40%. Not bad, but if it took two years to make this profit, then your ROI would be 20% annualized, which is not as impressive. You can use this basic formula to compare products you sell as well, and it may help you decide what’s best to keep in stock or not.Now let’s try something with equipment. You have an old tire machine that’s paid for. You average one set of tires per week and it takes 1.5 hours to complete the job. You decide to buy a new tire machine that is much quicker and more efficient but it cost you $20,000. Now the same job only takes one hour. Based on the cost of technician salary, you calculate that it saves you $30 per job with this new equipment. In this case you would use the formula: savings (additional profit)/investment. At one set of tires per week, that works out to $1,560 per year. $1,560/$20,000 equals an ROI of approximately 8%. That’s not too good. It will take you almost 12 years to pay off the new machine.On the other hand, if you average five sets of tires per week, then your additional profit for the first year is $7,800. $7,800/$20,000 equals an ROI of 39%. That’s pretty good. A general rule of thumb is to pay off any piece of equipment within two to three years. This puts you right on track.But now, here is the problem. This is where we throw the proverbial wrench into the plans. Equipment is tricky. You should also calculate in installation and maintenance costs, as well as the cost of training for the new equipment, and factor in how long the equipment is going to be relevant. This is an especially important factor when considering a scan tool, the required updates and how long before it’s potentially obsolete. In the case of a tire machine, you can also calculate in savings from other benefits of a new machine, such as no more damage to wheels or tire pressure monitoring system (TPMS) sensors, which the new machine can eliminate.Some of this can be overwhelming, and it makes me realize why it’s easier just to fly by the seat of your pants and wonder, “Am I making money or not?” It’s an important business aspect, however, to know what is behind the idea because it can benefit you in so many ways. Even without math, you can almost visualize the numbers in your head.I’ll try it by leaving the formulas out to decide whether it makes sense to buy a dedicated TPMS tool when you already have a full-function scan tool with TPMS ability.If you get a TPMS problem every day and you use your full-function scan tool to diagnose it, most likely it takes much longer to boot and longer to navigate to the function. Even then, it may not cover all you need. Because there’s such a vast amount of information that a full-function scan tool has, it simply takes more for the manufacturer to keep everything current. Plus, you often must still rely on service information for certain procedures and then, if it’s the only scan tool for your shop, it ties it up for use in other diagnostics.Now, let’s compare that to a dedicated TPMS tool. Built with only one function in mind, they can make the process much quicker, have greater coverage, boot quicker and quickly walk you through all steps of any required TPMS resets. When you factor in the savings in time and the fact that your primary scan tool isn’t tied up, you can prove the value of a dedicated TPMS tool through ROI calculations. On the other hand, if you rarely work on TPMS systems, you can prove it wouldn’t make sense at all, since you do have the function on your primary scan tool.While you haven’t done any calculations, you’ve thought of it in that manner and can picture where the calculations might end up. If you’re on the fence, the math will give you the answer. Ultimately, your accountant could take the idea even further, with an undoubtedly more advanced knowledge of ROI, and almost certainly a way to calculate depreciation into the formula. That’s where I sign off, but you get the idea. It’s a great concept that represents fundamental business financials.

Read November’s Digital Edition of ShopOwner

Every issue of ShopOwner includes valuable business management and technical editorial content.

Read Shop Owner’s October Digital Edition Now

Every issue of ShopOwner includes valuable business management and technical editorial content.

Grand Touring Tire Market Adapts To Changing Demands

The days of grand touring tires being fitted only to sedans are a thing of the past.

Catalytic Converter Replacement Rules

Converters must be certified and labeled with the correct codes that are stamped into the shell.

Other Posts

Read September’s Digital Edition of ShopOwner

Every issue of ShopOwner includes valuable business management and technical editorial content.

Circling The World Of Digital Finance

Digitalization affects banks and financial institutions, but also businesses (like yours) that rely on them.

Read The August Issue Of ShopOwner Now

Every issue of ShopOwner includes valuable business management and technical editorial content.

Read Your July Issue of ShopOwner Online Now

Every issue of ShopOwner includes valuable business management and technical editorial content.