AutoAlert Continues to Deliver the Highest Level of Data Security
Data security is always a high priority, and we are here to guide you through everything you need to know about the new Safeguards and gaining/remaining compliant.
The FTC Safeguards Rule was designed to develop and implement a comprehensive written information security program to ensure that entities covered by the Rule maintain safeguards to protect the security of customer information. The security program obligation under the Rule requires financial institutions and dealers to explain how they plan to protect customer information so it does not fall into the hands of an identity thief.
The Safeguards Rule requires financial institutions under FTC jurisdiction to have measures in place to keep customer information secure. In addition to developing their own safeguards, companies covered by the Rule are responsible for taking steps to ensure that their affiliates and service providers safeguard customer information in their care. Federal Trade Commission | https://www.ftc.gov/legal-library/browse/rules/safeguards-rule
There are five constant elements of the FTC Safeguards Rule Program, and the five elements that must be implemented are as follows:
- Assigned Program Coordinator to oversee the program
- Conducted Risk Assessment to evaluate the risks to your customers’ information
- Adequate Safeguards/Regular Audits administered to determine potential risks
- Oversee Service Providers that have access to your customer information
- Adjust Information Security Program in consideration of changing circumstances
In 2021, the Rule was amended, requiring all organizations subject to the rule to adopt a series of technological minimums, regardless of circumstance. Now the FTC has incorporated technological minimums and the five elements that directly affect all dealerships.
The steps taken to be fully compliant by December 9, 2022, are as follows:
- Ensure all written policies are in place
- Complete all required training
- Update vendor review and contracts, including auditing provisions
- All technical requirements tested and active
- Create/Update all other policies and procedures
AutoAlert is the most secure and reliable hosted solution in the industry
AutoAlert is leading the industry, has taken all the necessary measures to comply with the new FTC Safeguard Guidelines, and is prepared to support our dealers with industry-leading data security.
Amazon Web Services
AutoAlert hosts our platform and customer data on Amazon Web Services (AWS). Along with managing services within the data center and having comprehensive service level agreements to provide our customers with the utmost security and reliability. We secure the data with enterprise-level firewalls and data encryption, and we utilize IP restrictions to further secure access to the application and data.
ISO/IEC 27001:2013 Certification
AutoAlert’s ISO/IEC 27001:2013 certification is evidence that AutoAlert has met rigorous international standards in ensuring the confidentiality, integrity, and availability of AutoAlert applications hosted in a cloud environment with the development, engineering, IT, and other activities that support the applications.
SOC 2 Type ll Accredited
AutoAlert is the only automotive software company with SOC 2 Type II accreditation. SOC 2 Type II is an external audit regularly conducted to verify the continuous effectiveness of our security controls. Our SOC 2 Type II accreditation is one of many achievements demonstrating AutoAlert’s dedication to our customers’ privacy.
We are here to guide you through the following steps. If you want additional details about AutoAlert’s security promise, check out this page now!