This document discusses technology threats facing auto dealerships in 2013, including actions from the Federal Trade Commission (FTC) and lawsuits from the Business Software Alliance (BSA). The FTC is taking action against dealerships that do not adequately protect customer data, viewing them as financial institutions. The BSA pursues civil litigation against dealerships using unlicensed software. Dealerships risk downtime, data theft, legal issues, and loss of customer trust and profits if their security is insufficient. Proper security measures are outlined, such as Active Directory, wireless control, security patching, and acceptable use policies.

1. Pg. 35
Dealership Technology
Erik Nachbahr
President
Helion Technologies

2. Top Dealership
Technology
Threats in 2013

3. About Helion / Erik Nachbahr
• 15 years working with Auto Dealers
• 80 IT Professionals, many with BS and MS
Computer Science degrees and advanced industry
certifications
• 530+ Dealerships supported with 17,000+
computers

4. Top Real-Time Dealer Threats
•Federal Trade Commission Action
•Business Software Alliance Lawsuits
•Theft of Customer Information / Data Loss
 Downtime and Lost Productivity
 Legal / Financial Liability

5. Threats to Reputation
• The Dealership who’s
customer data was stolen
• Dealership it not trustworthy
• Negative media coverage

6. Threats to Profitability
• Compromised systems / Systems down
• Stolen customer lists and personal information
• Bank Account Theft

7. FTC Action Against Dealers
• Based on Dealer’s lack of protection
of customer data
• Dealers are financial institutions
• Dealers are extremely vulnerable to
attack

8. P2P Software Threat
• Typically used to share copyrighted music, videos
and files
• Installed by an employee on their PC
• Automatically shares some or all of the computer’s
files to the Internet
• Legal liability and security risk but low on the list
of threats

9. What do you risk?
• Bad publicity
• Theft of customer records
• Shut down by FTC
• Business disruption from failed computer systems

13. What is broken in Dealerships?
• Zero security on local
computers
• No Central Control of
systems
• Open Wireless
• DLP (Data Loss Prevention)
applications not in use

14. What about
• Security Risk without proper Wi-Fi protections
• Productivity Drain potential
• Early-Adopter risk here

15. FTC Action Item # 1: Active Directory
• Deploy Windows Server Solution
• LOCK DOWN PCs
• Control Internet /
network use by employee

16. FTC Action Item # 2: Wireless Control
• Update and Lock down wireless with WPA2
Encryption
• Install a User-based
Security or Firewall for Wireless
• Separate Customer wireless from corporate
wireless

17. FTC Action Item # 3: Protection Systems
• Managed Computer security Patching
• Managed Antivirus
Systems

18. FTC Action Item # 4: Policy
• Have a computer acceptable
use policy
• All employees must execute and understand it
• Sample at:
www.heliontechnologies.com/policy/use-sample

20. Software Piracy
• 2010 US Piracy losses: $9.5 Billion
• 2010 US Piracy Rate: 20%
• 2013 Estimated Global Commercial Value
of Pirated Software: $63.4 Billion
• Tremendous incentive to prevent piracy

21. Who enforces anti-
piracy laws?
BSA
(Business Software Alliance)
Represents Microsoft, Apple, Adobe and others
Has paid over $453,455 since 2008 in rewards to
confidential informants

22. What is the BSA’s
Authority?
Not a law enforcement agency.
Uses civil litigation and
copyright law.
Pays “tipster rewards” of up to $200,000

23. Piracy Warning Signs
Microsoft Office 2003 or earlier in use
Custom Build / Home Built / “White Box” PCs
Internal IT Departments
Purchasing software licenses from the Internet

24. BSA Process
1. BSA Alleges piracy, demands self audit
2. Dealer performs self audit. Must provide invoices for all software
installed
3. BSA presents Dealer with demand (typically $3,000 x copies of
software unlicensed)

25. BSA Action Item :
Perform Self License
Assessment
Look for piracy warning signs
Document all software running on all
computers including invoices for all
Remove or purchase any software
without proper proof of purchase

26. Contact Information
Erik Nachbahr
enachbahr@heliontechnologies.com
Direct 443-610-7640