In less than a year, two major cybersecurity-related events will impact operations at auto and truck dealerships across California: the end of Windows 7 Security Support and the rollout of the CCPA. Companies that choose not to update their software before the end of the year put their client data at risk, and set themselves up for steep penalties from the state while they do. Here’s what you need to know:
Event #1: Retiring Windows 7 Security Support
Dealerships need cybersecurity protections that are constantly updated to meet ever-evolving threats. However, for Windows 7 users, automatic security patches are being sunsetted early next year.
Microsoft announced recently that it will stop offering security patches to their Windows 7 operating system as of January 20th, 2020. With no new patches to protect you from new viruses, trojans, and worms, your current system becomes a greater liability every day.
In 2014, Microsoft retired Windows XP in a similar manner. Within a few months, cybercriminals developed new ways to target businesses who were running XP with ransomware attacks, leading to thousands of dollars in damages and a breach of untold amounts of personal data. Dealerships can anticipate similar threats in the wake of changes to Windows 7.
When it comes to upgrading your operating system, the sooner the better. Windows 7 was launched a full decade ago, and a lot has happened in the cybersecurity world since then. Windows 10 is a major advancement in cybersecurity, especially for dealerships who network with other locations through cloud operations. Windows 10 was designed with the cloud in mind and offers more robust and modern security than its predecessors as a result.
In other words, it was built for today’s cyberthreats and evolves to stay ahead of new threats and tactics better.
Updating your whole network of computers can create major disruption if done at the last minute. For dealerships with smaller or less experienced IT teams, hiring help from automotive managed IT partners can get the job done quickly (and with less hassle).
Event #2: CCPA Regulations Launch
Updating the operating system on a network of computers can be a hassle, but it’s a manageable challenge. However, the California Consumer Privacy Act (CCPA) poses an existential threat to dealerships who fail to come into compliance.
Under this new law, businesses that don’t meet strict data storage protocols are subject to heavy fines — to the tune of several thousand dollars per customer. In addition, the law opens up businesses to civil liability suits from customers who feel their data was improperly handled. Without proper cybersecurity and data storage protocols, your dealership could be on the hook for huge penalties — even if you haven’t experienced a data breach. Running an operating system that is no longer receiving security patches is pretty much the definition of non-compliance.
Key steps for preparing your dealership for CCPA include understanding your current data management system, comparing what you’re doing to best practices and updating as needed, and gathering necessary IT resources to implement changes. While the compliance checklist is thorough and may seem daunting, it isn’t anything your company can’t handle (with a little help).
You’re expected to know the ins and outs of new cybersecurity law, but you don’t have to navigate those waters on your own. If you need help implementing new policies, contact Helion for assistance.