Information and data have become the next “oil” as this detail can be sold over and
over at devastating cost to an individual’s name being exploited. This is a growing
problem worldwide where employees are stealing information and selling it on. It’s
such a big headache in the UK that they have introduced and legislated the General
Data Protection Regulation (GDPR) law. Fines of over R320 000 can be given if you have
been traced as the culprit where the leak has taken place.
There have been more than 40 000 breaches since GDPR was introduced in May
last year, which clearly indicates the problem at hand. As much as R90 000 is offered for
a spread sheet from a client’s data base and it is a mushrooming problem globally. These
names can be used for cloning and other fraudulent transactions. How does this pertain to your body shop? If you are the source of the leak then you are responsible. You may not get fined yet in South Africa, but the world is a small place and we tend to follow global influence when it comes to rules and regulations. A new shift in mindsets and who deals with what information needs to take place in your business. Your
employees need to be informed about the seriousness of information breaches and trained
to protect all information – especially those of your customers.
So how is data stolen?
One of two ways – cyber-attack or by a rogue employee. There are two types of data;
personal data that identifies a living person and sensitive data such as fingerprints or your
voice recognition. All must be protected vigilantly.
Here are some helpful tips to start you on your way in your business. Only allow
certain people with mobile phones on the shop floor. It’s easy to walk past a job sheet
with someone’s information or the card lying on a bonnet and take a quick picture of the
details. Speaking of which, what are the client’s details doing on the job card to begin with?
Assign a job number to each card so there’s no details simply lying about to tempt anyone.
Look at who needs to see these details and limit the sets of eyes that are privy to
this sensitive information. Make sure to change your passwords regularly and ensure
that certain words, dates, names, etc are not used. Don’t click on links in emails or open
suspicious mail either. The key is in educating your staff to understand the importance of
these details and training them on a practical level in changing their habits to ensure better
security all round. Keep it simple and have paper shredders readily available for any hard
copies to be correctly disposed of.
Make sure to delete details in your courtesy cars that a customer may have paired to
during the use of the car. It’s best to show the client how to do this and let them delete
the information while you wait. Do things right from the start by stating your stance on securing data and important information as well as keeping it safe in your employment contracts. All employees need to YOUR DATA buy into and adhere to this standard. Always start as you mean to carry on.