The automobile sales industry is extremely competitive, and customer data is often leaked to the competition. This poses the serious risk of client loss. Rival showrooms often swoop in, particularly as leasing periods are about to expire. The results can be significantly harmful, especially when large corporate clients are lost.
BMW Invelt is the largest and most successful authorized vendor and service provider for BMW, ALPINA and MINI vehicles in the Czech Republic. With its portfolio and showroom size, it is ranked among the top European providers. BMW Invelt wanted to be absolutely certain that their customer data would remain safe. That’s why they chose Safetica.
The Safetica Solution
An initial analysis of Invelt was followed by an in-depth security audit carried out using Safetica DLP. The focus of the audit was on how data usually gets leaked – through copying confidential data to external devices (e.g., USB flash discs), sending it in e-mail attachments, printing it and uploading it to cloud storage.
Based on the information generated by the audit, Invelt decided to implement Safetica DLP software in order to restrict any risky behavior. Bringing the product online in notification mode allowed Invelt to ease into their new safety protocols. The interface gave employees the information and knowledge they needed to handle Invelt customer data securely. Over time, Invelt moved into the restrictive mode and thus ensured that none of their data leaves their hands.
Using Safetica DLP, Invelt classified the types of media that could be connected to their system. Now only encrypted USB devices can be used to transfer data. So even if a USB is lost or stolen, the data on it is protected.
- Invelt's confidential data can only leave company when properly secured
- CRM database is protected against any attempt to export data
- Financial data is clearly restricted in how and what can be transferred to external service providers
- the IT department is immediately notified of possible security incidents and has all the information it needs to verify security compliance