With advertisements of cars with giant red bows plastered around America, it’s no surprise that December truly is one of the most popular times of year to buy a car. New 2019 models have just come on the market, and 2018 models are dropping in price, making it a great time to buy. In fact, last year, U.S. market auto sales saw a five percent increase between September and December.

With this increase in sales during the holiday shopping season, there is also a great increase in the sensitive information coming to and through auto dealers’ doors each day, from driver’s license numbers and social security numbers to loan paperwork and insurance information and more. All of this confidential information makes auto dealers a prime target for data breaches (both physical and cyber), regardless of their size.

While much of the market is focused heavily on cybersecurity breaches, it’s essential that dealerships also prioritize the physical security of their customer’s documents. With 43 percent of U.S. consumers believing that the personal information they share with brands or companies could be vulnerable to a security breach, it’s time for companies to consider new tactics to protect this consumer data. Furthermore, 75 percent of Americans say data protection is important when making a decision about which car dealer to buy from.

There’s no better time than the present to reconsider your dealership’s information security initiatives, so let’s take a look at how auto dealerships can take steps to protect consumer data during this high-volume sales season and into 2019:

• Update Company Policies. The end of the year is the perfect time to review company policies and update them to reflect the changing security climate. These policies can include tactics from securing physical information to cybersecurity to staff training and even document and hardware disposal. Even if the dealership has never had a security breach in the past, the stakes are high. In fact, four in 10 consumers (40 percent) say they would stop doing business with a company/brand if the company previously suffered a security breach. One policy that dealerships should consider implementing to combat this is risk is a document management solution. This policy helps employees understand how to organize the wide variety of documents that come across their desks every day and creates standards for discarding physical documents.

Policy updates should also follow current regulations. Because dealerships collect and house customer’s financial records, they are considered a “financial institution” and have specific legislative guidelines they must follow to protect confidential consumer information. Going into a new year is the perfect time to ensure your dealership’s policies are up to date with the current regulations.

• Mitigate the Security Risk from Desk Disorganization

With the vast variety of paperwork needed to buy a car, it’s easy for dealerships to let papers pile up on their desks, particularly during busy seasons. However, this not only creates unpleasant clutter, but also a major security risk for the dealership.

The most efficient way to keep clutter at bay is to institute a Clean Desk Policy, which enforces both a clear working surface, and the protection of sensitive customer information. A Clean Desk Policy requires all employees to keep their desks clear and lock away all paperwork and sensitive information into secure areas or drawers. One way to ensure employees follow this policy is through the concept of “hot desking,” in which employees don’t have permanently assigned desks or workspaces, forcing your staff to keep desks clear and information secure. Another great way the Clean Desk Policy mitigates risk is by taking away any opportunity for visual hacking, meaning stealing information by just seeing it on one’s desk or around the office. If there is no sensitive information out and available for visual hackers, the dealership automatically alleviates that threat.

• Properly Dispose of Hardware and Confidential Documents

Nearly half (49 percent) of Americans incorrectly believe that the way to properly destroy information on old devices and hard drives is to simply wipe the device. However, it is still possible for hackers to regain information from the wiped technology. The best way to securely dispose of hard drives and other unneeded technology is to have a professional permanently destroy the hardware. The same principle applies to physical paper documents (a trustworthy and environmentally friendly way to dispose of paper documents is by simply shredding them).

• Make Your Staff Your Biggest Security Asset

According to recent survey, 40 percent of reported security breaches are caused by employee negligence. Additionally, 96 percent of consumers view employee negligence as at least a minor contributor to data breaches at U.S. companies. To ensure that your dealership doesn’t have this problem, the solution requires staff training. This training can come in the form of presentations, handbooks, informal meetings, or a combination of the three, to equip staff with the information they need to be a security asset to the company, rather than a risk. This is particularly important during high volume sales times like December, when more seasonal workers are present in the dealerships. For these workers in particular, it is essential to provide this security training before they hit the sales floor to protect from potential breaches.

As both consumers and hackers become smarter about security, there is a greater need for auto dealerships to reevaluate their policies and security protocols to maintain consumer loyalty and their reputation. This holiday season, and going into 2019, information security needs to be a top priority for dealerships, their staff and their consumers.