Auto e-commerce firm i-Vendi has warned motor dealers must cease the existing "post-it note" approach which often sees sensitive data left in plain view on desks or stuck to the edge of monitors.

According to the company, cases such as the recent eBay password leak testify to the importance for dealers to not underestimate the importance of privacy.

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

James Tew, director of iVendi, said: Like a lot of IT companies working in the motor industry IT sector, we treat the subject of data security with the gravity that it deserves and work hard to ensure that our systems cannot be easily hacked."

However, he explained: "one of the weakest points in the dealer IT security chain tends to be at the dealer end."

In particular, high turnover rates and "general apathy towards the subject" are among the factors contributing to the vulnerability of passwords.

Several flaws were specifically highlighted by iVendi as particularly common in dealerships: the use of personal rather than work e-mail addresses and usernames, as well as easily guessable and seldom updated passwords.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Tew added: "In an industry where many dealerships have a sales staff turnover of 25-30% annually, it is common to find that the username is the personal e-mail address of someone who left the business some time ago, who may now be a disgruntled ex-employee with an axe to grind against your business.

"Clearly, this kind of approach barely qualifies as security at all. It is the equivalent of leaving the front and back doors of your home open with a large sign saying ‘Welcome burglars’ hanging from the eaves," he added.

"With more and more sensitive and potentially valuable information about both dealerships and customers being stored online, this is a situation that cannot continue and dealers need to adopt proper data security policies."