Welcome!

News Feed Item

EFG Companies Cautions Retail Automotive Dealers, Lenders and Partners to Maximize Data Security Measures

EFG Companies, the innovator behind the award-winning Hyundai Assurance program, today highlighted data security as one of the largest areas of concern in 2018 for retail automotive dealers, lenders and their partners. According to the Identity Theft Resource Center and CyberScout, 1,579 data breaches occurred in 2017, representing a 44.7 percent increase year-over-year. Seeing this trend on the horizon, EFG achieved SSAE-16 certification in 2016, and has an ongoing digital security plan that enables it to implement enhanced safeguards ahead of need. EFG annually invests approximately a quarter of a million dollars on data security enhancements. For more information, visit http://bit.ly/2nUSYzw.

This press release features multimedia. View the full release here: http://www.businesswire.com/news/home/20180213005582/en/

Maurice Hamilton, vice president of technology, EFG Companies. (Photo: Business Wire)

Maurice Hamilton, vice president of technology, EFG Companies. (Photo: Business Wire)

While retail automotive has been regulated under the Safeguards Rule of the 1999 Gramm-Leach Bliley Act, digital data was not considered an important area of focus until recent years.

This risk is driven in part by the rise of digital technology in the automotive market. From wirelessly connected cars to digital customer relationship management systems (CMS), data access points have increased exponentially. A recent Frost & Sullivan report indicated that IT spending in the connected automotive market is projected to increase 17.3 percent from 2015 to 2025. However, the industry is just beginning to address how to protect private consumer information in a digital environment.

In the physical realm, it takes less than one minute and three pieces of information for a motivated thief to execute a security breach at a retail automotive dealership. In the digital realm, a computer hacker can gain access to payment processing software in seconds, grabbing data and exiting before the dealership is aware of the breach. According to a 2017 study commissioned by IBM, the average cost of a single stolen data record is $141. The average total cost of a security breach was $3.62 million. The average probability of a company suffering a security breach within the next two years is 27.7 percent.

“Machine learning and sophisticated hacking software will make data security an even more important component of the retail automotive sector,” added Maurice Hamilton, Vice President, Technology, EFG Companies. “For example, we believe any company processing credit cards should complete PCI DSS compliance. Within three years, companies should also implement two-factor authentication. Granted, implementing data security technology is an expense. But, as research has shown, companies cannot afford a breach.”

Achieving Data Security

A study of more than 10,000 consumers by Gemalto revealed that 70 percent of consumers would stop doing business with a company if it suffered a data breach. Furthermore, 69 percent of consumers believe that companies do not take consumer data security seriously. EFG Companies recommends companies in the retail automotive buying chain utilize the acronym ADRIFT to ask the following questions as the first step in achieving data security.

1. Have I conducted a complete security risk assessment, including all access points and partners?

2. Does my written “Information Security Program” document include procedures for each department that handles digital and physical consumer data?

3. Have I reviewed all reasonably foreseeable risks that could result in unauthorized disclosure or compromise of consumer data? Am I protecting customer information from collection to disposal?

4. Have I identified a designated person responsible for customer information security, with authority to implement the program?

5. How do I foresee manageable risks that could result in unauthorized disclosure of private consumer information? For example, am I overseeing partners that might have access to, or take possession of, customer information? Do my agreements with these partners require them to implement appropriate safeguards?

6. Does my company have sufficient training, oversight, and procedures for securing private consumer data?

“From vulnerable photocopier hard drives to digital CRMs, we believe digital data security should be a key business objective for every retail automotive dealer, lender and partner,” said John Pappanastos, CEO and President of EFG Companies. “While important, simply locking a file cabinet or putting a screen protector on a monitor is not sufficient. We are calling on all participants in the retail automotive chain to lock down their data.”

About EFG Companies

EFG Companies drives the industry’s highest-reported compliant F&I profitability through its distinct engagement model in which the company operates as an extension of the dealer’s management team. EFG addresses total dealership performance, and its client satisfaction Net Promoter score is higher than national corporate leaders such as Southwest Airlines, USAA Banking and Finance, and Nordstrom. Learn more about EFG at: www.efgcompanies.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
DXWorldEXPO LLC announced today that Big Data Federation to Exhibit at the 22nd International CloudEXPO, colocated with DevOpsSUMMIT and DXWorldEXPO, November 12-13, 2018 in New York City. Big Data Federation, Inc. develops and applies artificial intelligence to predict financial and economic events that matter. The company uncovers patterns and precise drivers of performance and outcomes with the aid of machine-learning algorithms, big data, and fundamental analysis. Their products are deployed...
All in Mobile is a place where we continually maximize their impact by fostering understanding, empathy, insights, creativity and joy. They believe that a truly useful and desirable mobile app doesn't need the brightest idea or the most advanced technology. A great product begins with understanding people. It's easy to think that customers will love your app, but can you justify it? They make sure your final app is something that users truly want and need. The only way to do this is by ...
Whenever a new technology hits the high points of hype, everyone starts talking about it like it will solve all their business problems. Blockchain is one of those technologies. According to Gartner's latest report on the hype cycle of emerging technologies, blockchain has just passed the peak of their hype cycle curve. If you read the news articles about it, one would think it has taken over the technology world. No disruptive technology is without its challenges and potential impediments t...
CloudEXPO New York 2018, colocated with DevOpsSUMMIT and DXWorldEXPO New York 2018 will be held November 12-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI and Machine Learning to one location.
DXWorldEXPO LLC announced today that Nutanix has been named "Platinum Sponsor" of CloudEXPO | DevOpsSUMMIT | DXWorldEXPO New York, which will take place November 12-13, 2018 in New York City. Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix Enterprise Cloud Platform blends web-scale engineering and consumer-grade design to natively converge server, storage, virtualization and networking into a resilient, softwar...
Hackers took three days to identify and exploit a known vulnerability in Equifax’s web applications. I will share new data that reveals why three days (at most) is the new normal for DevSecOps teams to move new business /security requirements from design into production. This session aims to enlighten DevOps teams, security and development professionals by sharing results from the 4th annual State of the Software Supply Chain Report -- a blend of public and proprietary data with expert researc...
So the dumpster is on fire. Again. The site's down. Your boss's face is an ever-deepening purple. And you begin debating whether you should join the #incident channel or call an ambulance to deal with his impending stroke. Yes, we know this is a developer's fault. There's plenty of time for blame later. Postmortems have a macabre name because they were once intended to be Viking-like funerals for someone's job. But we're civilized now. Sort of. So we call them post-incident reviews. Fires are ne...
The digital transformation is real! To adapt, IT professionals need to transform their own skillset to become more multi-dimensional by gaining both depth and breadth of a wide variety of knowledge and competencies. Historically, while IT has been built on a foundation of specialty (or "I" shaped) silos, the DevOps principle of "shifting left" is opening up opportunities for developers, operational staff, security and others to grow their skills portfolio, advance their careers and become "T"-sh...
This session will provide an introduction to Cloud driven quality and transformation and highlight the key features that comprise it. A perspective on the cloud transformation lifecycle, transformation levers, and transformation framework will be shared. At Cognizant, we have developed a transformation strategy to enable the migration of business critical workloads to cloud environments. The strategy encompasses a set of transformation levers across the cloud transformation lifecycle to enhance ...
Authorization of web applications developed in the cloud is a fundamental problem for security, yet companies often build solutions from scratch, which is error prone and impedes time to market. This talk shows developers how they can (instead) build on-top of community-owned projects and frameworks for better security.Whether you build software for enterprises, mobile, or internal microservices, security is important. Standards like SAML, OIDC, and SPIFFE help you solve identity and authenticat...
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app secu...
Mike is managing director in Deloitte Consulting LLP's Cloud practice, responsible for helping clients implement cloud strategy and architecture to drive digital transformation. Beyond his technology experience, Mike brings an insightful understanding of how to address the organizational change, process improvement, and talent management challenges associated with digital transformation. Mike brings more than 30 years of experience in software development and architecture to his role. Most recen...
Having been in the web hosting industry since 2002, dhosting has gained a great deal of experience while working on a wide range of projects. This experience has enabled the company to develop our amazing new product, which they are now excited to present! Among dHosting's greatest achievements, they can include the development of their own hosting panel, the building of their fully redundant server system, and the creation of dhHosting's unique product, Dynamic Edge.
Your job is mostly boring. Many of the IT operations tasks you perform on a day-to-day basis are repetitive and dull. Utilizing automation can improve your work life, automating away the drudgery and embracing the passion for technology that got you started in the first place. In this presentation, I'll talk about what automation is, and how to approach implementing it in the context of IT Operations. Ned will discuss keys to success in the long term and include practical real-world examples. Ge...