Associations, Latest News, Technology Update

Cybersecurity expert urges repair shops to protect data

NCR Cybersecurity

As the collision repair industry increasingly relies on digital information, it’s crucial for repair shops to take steps to protect their data against hackers, Brandon Laur, vice president of CCi Global Technologies, told an audience at the 2021 IDEAS Collide Showcase at the 2021 SEMA Show.

Collision shops and their third-party partners store all sorts of repair-related data — personal identifiable data such as names, phones numbers, addresses and vehicle identification numbers (VINs) — and that data is only as secure as the weakest point in the system, according to Laur.

The first step in cyber security is to thwart would-be hackers by decentralising information. “Data can’t be in one place. It needs to be stored in decentralised environments,” Laur said. He encouraged shops to have their customers give authorisation to having their data “moving around between third party systems in the industry.”

Shops should also be able to talk with their vendors about how data is being stored, where it may move to, and how easily it can be completely deleted, if necessary. He also encouraged shops to consider an approach called “zero trust,” in which “nobody within your collision centre or any vendor that you work with has access to all of the data. “If somebody has access to all of that data, that means they are the vulnerability point where you can be hacked.”

“The number one area where people are going to get into your system is through your technicians’ phones. So, you want to be able to make sure that you have that taken care of so that nobody is going to be coming into your system and taking your data hostage from you.”

Ransomware is a growing problem. Experts say the attacks act in a vicious cycle: a company is hit and pays the ransom, the attack is widely publicised, more hackers see the attack’s success and want to do it themselves, with increasing stakes for steeper payouts.

Finally, he said, if a business does have a data breach, it stands a better chance of avoiding damage by being transparent in its communications. “You want to tell the people exactly what happened, where the breach was, how many tables were affected in any of your solutions and be able to be 100% transparent with the market.”

Laur encouraged shop owners and managers to work in concert to protect the industry from cybercrime. “It’s up to everyone to hold each other accountable, and think of ways to continue to move this industry forward as we look at solutions – being better connected and making sure they’re doing everything they can to protect the data as well.”

This article courtesy of John Huetter of Repairer Driven Education. Check out the website at: http://www.repairerdrivennews.com/.

Send this to a friend