DETROIT -- Dealership data security and protection of consumer information remain major dealer concerns, said David Westcott, chairman of the National Automobile Dealers Association.
Westcott, dealer principal of Westcott Automotive in Burlington, N.C., said last week during an editorial board meeting with Automotive News that the average dealership has 17 vendors pulling information from its database every night, often without store executives knowing who's extracting the data.
"You'd be surprised how many companies have access to the dealer data and the dealer doesn't even know about it," said Westcott, who sells Buick and GMC vehicles.
He said an informal group of dealers involved with NADA often discusses data issues, but no task force has been formed to recommend security measures.
Dealerships face federal and state penalties if the consumer information they collect, including Social Security numbers and sensitive financial data, leak to unauthorized people.
Westcott said he occasionally blocks third-party data extractors that the factory and others use to retrieve information from his store. That tells him who really needs the data.
"If you have your IT guy shut everybody off one night, those who truly need that data will call you the next day," he said.
The automakers contract with certified data extractors to daily fetch data on things such as inventory, sales and other business operations.
Westcott said the factories can help protect the data by ensuring that extractors copy only the necessary data fields in a dealer's dealership management system.
"They have to make sure that they have the confidentiality agreements with their vendors," he said. "And if the vendor is extracting something that the manufacturer needs four pieces of data for, why are they taking 25 pieces of data?"