IMPORTANT NOTICE!
Auto dealerships must comply with the updated FTC Safeguard Rule by June 2023!
At LockStock Cybersecurity and Analytics, we specialize in cybersecurity consulting and have extensive experience helping companies comply with stringent regulations. Our team of experts will provide you with a comprehensive risk assessment of your existing security systems and will work with you to develop a plan to ensure that all customer and client data is kept secure and encrypted.
We will help you implement safeguards such as identity and access management, encryption, and multi-factor authentication, as well as provide security awareness training for your employees. We will also help you select, contract, and assess service providers to ensure that they maintain appropriate safeguards.
Most importantly, we will create a written incident response plan to outline roles, responsibilities, and remediation actions taken in the event of an incident and will provide a written report to your governing board on the overall status of your security program.
By partnering with us, you can rest assured that you will be fully compliant with the FTC Safeguard Rule by the June 2023 deadline and avoid any potential fines of $50,000 per infraction.
Let us be your trusted advisor for the FTC Safeguard Rule compliance process. Contact us today to get started.
The Federal Trade Commission (FTC) has recently announced a new rule that all auto dealerships must comply with by June 9th, 2023. This rule, known as the Safeguards rule, is put in place to protect the stored data of customers on dealership computer systems. Failure to comply with this rule can result in potential fines for the dealership.
This rule requires all auto dealerships to implement reasonable security measures to protect customer data, including personal information such as Social Security numbers, driver's license numbers, and financial information. Dealerships will also be required to perform regular risk assessments to identify and address potential vulnerabilities in their systems.
In addition, the rule requires that dealerships have a written information security plan in place, which must include specific details on how customer data is collected, stored, and protected. The plan must also include procedures for responding to security breaches and for providing notice to affected customers.
Designate a qualified person to oversee their information security program
Develop a written risk assessment
Limit and monitor who can access sensitive customer information
Encrypt all sensitive information
Train security personnel
Develop an incident response plan
Periodically assess the security practices of service providers
Implement multi-factor authentication or another method with equivalent protection for anyone accessing customer information
The FTC's Safeguards rule is an essential step in protecting customer data and ensuring that auto dealerships take the necessary steps to keep that data safe. Dealerships are urged to begin preparing for compliance with this rule as soon as possible to avoid any potential fines and ensure the protection of customer data. See the full list of requirements below.