Top CRM Security Measures to Implement in Wake of CDK / eLead Hack

In the dealership industry, safeguarding customer data is paramount. Recent events involving CDK and eLead have underscored the critical need for robust CRM security protocols. Whether your dealership has been directly affected by the CDK / eLead hack or not, it’s crucial to stay informed and take preventive measures to protect sensitive information. Here’s what you need to know and how you can mitigate risks to your dealership.

Overview of the CDK / eLead Situation

CDK and eLead, prominent names in dealership management systems, are currently embroiled in eight lawsuits, including two class action suits. The implications for dealerships using their systems are significant. The Consumer Financial Protection Bureau (CFPB) has also initiated investigations and imposed fines on dealers linked to these compromised systems. Understanding the legal landscape is vital. The lawsuit details can be found at the US District Court for the Northern District of Illinois.

Liability and Risk Management

Your dealership’s CRM likely contains thousands of sensitive records, such as driver’s licenses, social security cards, and bank statements. Following the breach, YOU ARE NOW LIABLE for these records. Any dealership that continues using a compromised system, despite being aware of the liability, risks facing higher fines and settlement amounts.

Steps to Minimize Exposure:

1. Immediate Action: Cancel Your Current CRM

The longer you use a compromised system, the more liability your dealership incurs. Cancel your current CRM provider immediately to halt further exposure.

2. Retrieve Customer Records

Request all customer records and contacts from your current CRM provider, ensuring you obtain no additional data to avoid further liability.

3. Adopt a Secure CRM Platform

Transition to a CRM platform that actively scans and captures all inbound attachments from emails and text messages, securely storing them in a designated area. This platform should allow a dealership-appointed manager to oversee and manage these documents, while also granting customers management rights over their data.

4. Implement Device Usage Policies

Prohibit dealership personnel from using personal mobile devices to obtain any documents or information from customers. Utilize a template agreement for this policy, available through PSX. Contact patrick@motoix.com for assistance.

5. Update Dealership Handbook

Integrate this new policy into your dealership’s handbook to formalize the procedure and ensure all employees are aware of the security measures in place.

6. Document Your Efforts

Maintain thorough documentation of all steps taken to safeguard documents and information. This demonstrates that your dealership has made all commercially reasonable efforts to protect customer data once aware of the breach.

7. Secure Your Dealership with PSXDigital

To navigate these challenges effectively, consider PSXDigital’s fully CFPB-compliant system. This CRM solution meets all the requirements to safeguard your dealership from potential liabilities stemming from the CDK / eLead breach.

Contact Information for CRM Demos:

• • Patrick Bruce, Product Specialist: patrick@motoix.com
  • Dan Chase, Product Specialist: dchase@motoix.com

What Dealers Are Saying About PSXDigital

Don’t just take our word for it, hear from our dealer members about their experiences with PSXDigital. See member testimonials here.

 

Overview

The CDK / eLead hack has highlighted the importance of stringent CRM security measures in the dealership industry. Dealerships must act promptly to mitigate risks and protect sensitive customer data. By canceling compromised CRM systems, retrieving records, adopting secure platforms, implementing strict device usage policies, and thoroughly documenting all efforts, your dealership can confidently navigate this challenging landscape.

For a comprehensive solution, PSXDigital offers a CRM platform designed to meet all CFPB compliance requirements, ensuring your dealership remains secure and protected. Reach out to our product specialists for a demo and take the first step towards safeguarding your dealership today.