ARTICLES

Security - How We Protect Your Data

27th April 2024

Andrew Knock

Andrew Knock, Chief Technology Officer

 

My colleague, Ian Gillot (Titan’s CIO), wrote an article for our DRIVEN newsletter in January discussing the automotive hot topic of cybersecurity, and he gave an extremely useful guide on how to best protect your business from outside threats (see Ian’s article HERE).

But what about internally at Titan? We’re a software company that powers business transactions, so what are we doing to counter the risk? What measures do we have in place as a platform (and a business) to provide those safeguards as an integral part of our service?

Safeguarding data is obviously one of our core responsibilities. And, whilst Ian rightly pointed out in his article, “Making it [data] impervious to attacks is something that even mega-corporations such as banking institutions and the military have been unable to achieve.“, there are plenty of actions we can take to build security into the system and its usage.

I’ll explain how we deal with three of the main topics below. I won’t go too deep into the technical aspects but if you’d like to know more, you’re welcome to get in touch for a further discussion.

ARCHITECTURE

Let’s start with our platform architecture, ie the framework on which our software lives. As a modern company (established in 2005) we are fortunate to suffer less from a significant issue common to older software businesses – aged legacy systems.

Technology gets old fast and the longer a software product has been around, the more likely it is to have been built on a framework unsuited to modern requirements and with potential security concerns.

The Titan DMS security benefits from the foundational technology on which it is built (see below). Hosting on Amazon AWS and building with the Microsoft suite means we benefit from the latest in secure and flexible enterprise software and can be sure these suppliers will continue to develop their products and security to tackle new threats as they become known.

Building on a solid base is the starting point for system security.

Enterprise Architecture

 

Further to the architecture, our Dealer Management System also benefits from being built with a layered architecture, from the data layer through to the presentation layer.

Top line, this offers “Separation of Concerns (SoC)”, meaning layers of our software are independent, allowing for the substitution of software in a segmented manner should that be necessary for best practice. i.e., we can replace the tyres when they’re worn, we don’t need a whole new car.

This separation allows progression flexibility, meaning we can upgrade our system to meet the changing needs of the market more easily and it also makes the opportunity for security breaches significantly more challenging.

TECHNOLOGY

Technology is at the heart of what we do. It’s a huge and complex aspect of our products and our business (and a neverending journey of development) but two key elements that are worth highlighting for the robust protection they provide are:

  • IP Whitelisting –  Access control to our systems is maintained through a strict IP address approval whitelist. This means only authorised devices can communicate with our network.
  • Data Encryption – We employ robust encryption algorithms to ensure that stored information remains confidential in transit. The data is encrypted and transmitted by HTTPS, protecting sensitive data from unauthorised access or interception over networks.

Across networks, the combination of IP whitelisting and HTTPS provides enterprise-level security against unauthorised data access. These two elements alone provide a significant security benefit to your data.

PRACTICE

The third element of our security protections that I’ll cover, and one of the biggest contributing issues to data breaches in business, is the behaviours and practices of the people using the software in both the front and the back end.

Three actions we employ to mitigate that risk are:

  • Separation Of Duties – Our IT staff adheres to the principle of duty segregation. By distributing responsibilities across different team members, we prevent any single person from having unchecked control over critical processes. This minimises the risk of errors, fraud, and compliance violations and increases peer responsibility. This principle can be successfully applied by the end user as well, particularly where finance is involved.
  • Cybersecurity Training – We regularly train team members in cybersecurity best practices. Separation of duties combined with regular training ensures a second and third layer of checks and balances in the stage before data access.
  • Password Policy – A regular password change policy is a core component of onboarding and training. Titan DMS enables strong password rules and regular user prompts to update passwords, ensuring outdated credentials don’t compromise security. This, in itself, could be a valuable standard practice for every business.

I know these seem like simple steps but they are achievable and you would be amazed at how effective they can be in protecting your systems, data, and business from cyber attacks.

There are, of course, a significant number of other contributing factors to the security of the Titan DMS system but I did promise to keep it manageable and digestible!

We’re more than happy to dig deeper into any part of our security in one-to-ones but, by sharing the above, I hope to have given you an overview of the structural benefits and simple steps we take to secure your vital business data.

Don’t hesitate to reach out if you’d like more information.

Best Regards

Andrew

 


Bio: Andrew has a blue-chip background in finance and software from both a development and management perspective. Years spent with the Treasury, Macquarie Bank, and QSuper in particular have given him a huge amount of experience on the topic of software security.

Other stories on our Blog
Meet Mark Mezgec
Mark Mezgec Titan DMS
It's the turn of our office optimist, Mark Mezgec, to answer the quickfire questions so we can get to know him a little better
Security - How We Protect Your Data
Data Security Image - Featured
Titan is a software company that powers your business but what are we doing to protect your data?
Understanding Layered Architecture
Layered Architecture - Featured Image
A crucial aspect of our platform is its layered architecture. This article give you some insight into the software used and the benefits of building in that structure.
Meet Shane Mifsud
Shane MIfsud
New BDM for Victoria and Tasmania, Shane Mifsud, was next in line for our quickfire questions to get to know him a little better.  Here's what he said!
Meet Amanda Dexter
Amanda Dexter
We put Business Development Manager for New South Wales, Amanda Dexter, through our rigorous questioning so we can get to know her a little better.  Here's what she said!
Get To Know Titan
Titan Overview Featured Image
Time is precious, so we challenged ourselves with the fun task of seeing how much of an overview we could give on the Titan business, people, and technology in under a minute.
The Eternal Tech Dilema
tech dilemma feature
If you know you need to drive technology change in your business where do you start? Here are some thoughts that we hope prove useful in establishing direction.
Phishing Scandals
Hacker Phishing
"Business email compromise scams". Four words that describe $13m of losses over approximately 981 cases in Australia between 1st January and 30th September 2023 according to the ACCC.
Meet Nicole Bedingfeld
Nicole Bedingfeld
We submitted our Head of People & Culture, Nicole Bedingfeld, to a quick interrogation so we can get to know her a little better. Here's what she said!
Automotive Cybersecurity
Cybersecurity threats are top of mind for many in the automotive industry as we head into 2024...
Titan's Values-Driven Approach
In a world of digital solutions, we believe people still make the difference.
Titan Launches In Japan
Titan DMS is delighted to announce our launch into the Japanese automotive market. 
Key Appointments: Gearing Up For Growth
As Titan DMS accelerates its global expansion in 2024, we spent the last few months of 2023 getting foundations in place to capitalize on several significant opportunities in Australia and international markets.
BMW Thailand: Network Roll-Out Success
The implementation of Titan DMS software across Thailand's BMW dealer network has now been completed. This marks the successful conclusion of an extensive three-year deployment project and signifies a major milestone for Titan in our international development.
Helping You Get More From Titan
Meet Gary Creer, our new Product Utilisation Specialist here at Titan.
Super-Charge Productivity At Onboarding
One of the most common challenges facing automotive dealerships every day is staff turnover. With an industry that sees staff transition rates anywhere between 30-50%, ensuring new staff reach minimum productivity levels in the shortest time possible is essential.
Customer Satisfaction - KPI Improvements
A key pillar of Titan’s DMS offering is the provision of a knowledgeable and empowered customer service team that can provide reliable and timely support to keep our dealer and OEM customers working.
Titan 2024 - The Road Ahead
As we step into the new year, 2024 provides us with exciting growth opportunities at home and abroad, and our recruitment drive to fill these opportunities is already well underway.