The Amendments to the Safeguards Rule

The compliance deadline for the amendments to the Safeguards Rule is December 9, 2022. Is your dealership on track? Here are the nine elements of the Safeguards Rule:

  1. Designate a qualified individual to implement and supervise your company’s information security program.
  2. Conduct a risk assessment.
  3. Design and implement safeguards to control the risks identified through your risk assessment.
    • Implement and periodically review access controls
    • Know the data you have and where it is stored
    • Encrypt customer information at rest and in transit          
    • Access your apps and evaluate their security
    • Implement multi-factor authentication for accessing customer information on your system
    • Dispose of customer information securely
    • Anticipate and evaluate changes to your information system or network
    • Maintain a log of authorized users’ activity and monitor unauthorized access
  4. Regularly monitor and test the effectiveness of your safeguards.
  5. Train your staff on security awareness measures.
  6. Monitor your service providers.
  7. Keep your information security program current through regular monitoring.
  8. Create a written incident response plan.
  9. Require your qualified individual to report regularly to your Board of Directors or senior officers.

For more information, check out these additional resources from the Federal Trade Commission (FTC) and NADA:

How can we help you?

Reynolds software allows administrators to grant and remove user access and provides reporting that details what items users can access.

Access Control Icon

Implement and Review Access Controls

Data in the Reynolds DMS is stored in an encrypted manner. Customer information is also encrypted when sent outside of the system. The Reynolds Certified Interface program allows you to send data outside the system securely using real-time, bi-directional, custom-built interfaces for certified third party vendors.

Encrypt Data Icon

Encrypt Data at Rest and in Transit

Reynolds software allows users to delete customer information as needed; additionally, this ability can be restricted based on user access controls.

Secure Disposal Icon

Securely Dispose of Customer Information

Reynolds Interface Dashboard allows you to see what information is being sent outside of the system and where it is going. It also tracks data changes from third-party vendors to provide tools to help identify data corruption with the ability to provide support if a data incident occurs.

Monitor Access Icon

Monitor and Document Who is Accessing What Information and When

Reynolds offers several IT and cybersecurity solutions that help you monitor, detect, and prevent potential cyber incidents, as well as conduct regular penetration testing.

Test Security Icon

Monitor and Test Effectiveness of Your Security Plan

Are you a Reynolds customer? Reach out to us if you want more details on how to complete any of these actions in the system.

You Don’t Have To Go It Alone

Your objectives each day focus on selling more vehicles, selling more service, providing an excellent customer experience, and ensuring your employees are satisfied in their job.

You don’t have to add cybersecurity and network management to your list as well. You need a trusted partner with expertise in this area. We’ve got you covered.

Proton Dealership IT is an automotive leader in cybersecurity, including:

  • Cyber incident response
  • Employee awareness training
  • Vulnerability assessments
  • Security monitoring 
Proton Logo

And that's just the beginning... Proton provides the opportunity for you to outsource your IT department and infrastructure needs, offering an industry-leading Security Operations Center, remote helpdesk, and on-site support team. 

Explore Proton

Schedule Your Free Consultation

Are you ready to enlist the help of an industry-leading partner to protect your most important asset... your data? It all starts with a free consultation to evaluate your current IT and cybersecurity infrastructure. From there, we'll develop a custom plan that fits your dealership's needs. 

No two dealerships are the same, so your security measures shouldn't be either. 

After filling out the form, one of our experts will be in touch. 

Lead Form Icon

Let's Get Started

Related Resources

FTC Safeguards Rule Amendments Playbook

In this booklet, we’ll provide answers to frequently asked questions around the Safeguards Rule, its impact on dealerships, and what Reynolds is doing in light of these amendments.

Read Playbook

Safeguarding Your Dealership

In this Connected episode with Brad Holton, founder of Proton Dealership IT, they discuss the cyber threats dealerships are faced with, what they can do to protect themselves, and more. 

Listen to Episode

Safeguards and Cybersecurity Q&A

Top IT and cybersecurity experts dive into the details of cyberattacks in automotive, break down how dealerships can protect themselves, and review the new Safeguards Rule amendments. 

Watch Q&A