Dealer SSNs on credit apps, driver license scans, bank statements, pay stubs — all flowing through email and your DMS. The FTC Safeguards Rule made continuous monitoring mandatory for dealerships in June 2023. Most stores your size are not actually doing it.
Maximum per-violation FTC civil penalty for Safeguards Rule non-compliance
36 detection engines sweep your Microsoft 365, Google Workspace, AWS, and Cloudflare accounts every five minutes. Critical threats surface instantly. Normal activity gets filed away.
A compromised F&I manager inbox exposes every credit application: SSN, DOB, driver license, employer, and bank account. One exfiltration event and you are reporting to every state AG where a customer lives.
Reynolds, CDK, DealerSocket — all integrated via OAuth apps and saved credentials. One hijacked service email with a malicious OAuth grant gives an attacker read access to every deal in the system.
An attacker sits in a dealer inbox, watches for a real loan-approval email, then spoofs funding instructions to the lender. Title funds go to the attacker while your dealership eats the chargeback.
SentinelSMB provides the continuous-monitoring, access-control, and incident-response controls these frameworks require. Pro subscribers get the audit-ready evidence package.
Auto dealers are financial institutions under GLBA. The amended FTC Safeguards Rule requires continuous monitoring, a designated qualified individual, access control, encryption, and incident response — all mandatory as of June 9, 2023.
The Safeguards Rule specifically requires detection of unauthorized access attempts. SentinelSMB flags anomalous logins, impossible travel, and credential stuffing attempts across your dealership accounts.
Every state requires notification when personal information is accessed without authorization. Auto dealerships hold some of the most sensitive PII of any SMB category — SSNs, DLs, pay stubs, bank statements.
Major OEMs (Ford, GM, Stellantis, Toyota) have added cybersecurity requirements to franchise agreements and dealer standards audits. Documented continuous monitoring is now baseline.
SentinelSMB monitors the Microsoft 365 or Google Workspace accounts that connect to your DMS. Since most DMS logins pass through your email (via MFA prompts, password resets, OAuth consents), we see the activity there. We do not require a direct integration with Reynolds, CDK, or DealerSocket.
SentinelSMB sits alongside your IT vendor as the 24/7 cybersecurity monitoring layer. Your IT vendor handles network, workstations, and DMS issues. We watch the cloud accounts where account takeovers happen. Complementary, not redundant.
Those are network-layer concerns your IT vendor should handle. SentinelSMB focuses on account activity — logins, forwarding rules, OAuth grants, data exfiltration — across your business email and cloud infrastructure.
Yes. Pro subscribers get the Cyber Insurance Evidence Report — a 7-page document generated from your real monitoring data. It maps directly to the controls OEM audits ask about and saves several consulting hours of manual evidence gathering.
Get actual monitoring live in under 10 minutes. 7-day free trial, cancel in one click. Pro subscribers receive the OEM-audit-ready evidence package.