December 1, 2020
Not to alarm you, but nearly 43% of cyber attacks target small businesses. Yep, even driving schools!
What’s more, since COVID-19 hit the world this year, the FBI reported a 300% increase in cybercrimes.
(As if small businesses didn’t already have enough to deal with on their plate!)
Those percentages can be hard to fathom, so think of it this way – that averages out to a cyberattack every 39 seconds. Hacks affect one in three Americans every year.
And those fun and memorable yet non-secure usernames and passwords we use? That just gives attackers extra incentive to hack you and an even higher chance of success.
So what does that mean for you specifically? That means both your personal and professional accounts are at risk. But luckily, there’s something you can do about it to prepare.
By developing a risk management plan, you’ll significantly decrease the chances of being targeted for a potential hack.
Here are 7 risk management tips for driving schools to follow in order to keep hackers at bay and to keep your facility performing at its best.
Audit website security
The first step in developing a risk management plan for your driving school is to run an audit of your website’s existing security features.
Does your website have an SSL certificate? No? Stop reading and contact your web developer and add one to your website – ASAP! SSL certificates make your URL (domain) secure and more trustworthy.
Especially if you accept payments through your driving school website, you need to use an SSL certificate. Luckily, chances are you can get one through your hosting provider for free.
Next, is your website backed up? We’ve had clients not back up their website and lose critical information when their host’s servers were compromised.
There are several plugins you can use to ensure safe backups of your website’s essential data. Your hosting provider should also be able to run backups of your website content.
Lastly, to stay on the safe side, it’s wise to quickly run a scan of your website with an audit tool to ensure you are protected (do this at least once a year).
Utilize password software
Do you have the same password for all of your personal and business programs?
If so, download LastPass and change EVERY password so each program you utilize has a unique password.
There is a strong likelihood your email and passwords were a part of one of the high-profile security breaches (Capital One, Target, Marriott, etc..).
If so, now the login credentials you have used for every program is visible publicly on the internet. Click here to verify if this is the case.
Also, whenever possible do not share login credentials with family members or staff. Everyone should be logging into relevant programs via their own username and password.
PRO TIP – For email accounts, QuickBooks, GoDaddy, and other critical programs activate their Two-Factor authentication feature.
This provides an extra layer of security in case your username and password are compromised.
Train and inform your staff
We’ve all heard cyber-attack stories happening to other businesses. And we all think it could never happen to us. I’ve personally known a few owners whose emails were compromised and know of situations in which wire transfers were even attempted.
Cyberattacks are often sneaky and well-disguised, so they can be difficult to recognize. In some instances, text messages have been sent to staff members requesting money, gift cards, or an urgent payment.
Training and informing your staff of potential threats. Doing so will not eliminate all threats to your business, but it can significantly reduce the chances.
The most common threat is an email phishing attempt. Every year these are getting hard to identify since the emails look almost identical to a legitimate email request.
One way you could prepare for this is to set rules for expenditures. For example, for any expenses over $1000, the owner must verbally approve and digitally sign an expense approval form.
A simple annual training for your entire staff discussing these issues above will significantly decrease the chances of a potential cyber attack.
Conduct sexual harassment training
A few states require sexual harassment training (i.e., California) but we highly recommend training regardless of your state for the safety of each staff member and student.
An experienced instructor might already know how to navigate an inappropriate student question or gesture, but a new instructor might not.
Regardless, an annual group training for instructors will help raise awareness of sexual misconduct and diminish any unwelcome behavior in the workplace.
Protect your facility
Every risk management plan for driving schools should have a security camera system in place to protect your facility!
If you don’t have one already, consider purchasing Arlo devices and placing them in strategic key areas around your facility.
Another way to protect your driving school is to invest in COVID-19 signage to remind staff and customers about social distancing and wearing a mask while at work.
Consider adding signs in driving school classrooms, lobbies, bathrooms, or any area that receives high amounts of foot traffic and visitors.
By putting up signs, you’re reminding staff and students of the steps to take to prevent COVID-19 from spreading.
Develop a vehicle maintenance plan
Do you have a vehicle maintenance plan? Or do you wait until there is a problem with the vehicle and then have the issue addressed?
We recommend reviewing every vehicle at least once a month to ensure it’s safe to drive and has the proper supplies for both students and instructors within the vehicle in case of an emergency.
Another option to consider is purchasing a dashcam for your vehicles. Dashcams are a great way to create accountability with your instructors as well as give parents even more peace of mind.
Audit your insurance policy
No one likes to pay for insurance but it’s absolutely necessary, especially as you grow your business.
If you are doing $500,000 in annual sales and still have the same insurance coverage from when you were doing $250,000, that’s a red flag.
It’s critical to have a trusted insurance agent who knows your industry to help guide you through what type of coverages are important to protect your driving school.
We recommend talking to Brian Dolewski, the only agent that specializes in insuring driving schools across the country. Below is his contact information.
- Brian Dolewski
- Account Executive – Arachas Group, LLC
- Email: firstname.lastname@example.org
- Phone: (630) 673-3084
The end of the year might be a busy time for you both personally and professionally, but hopefully, you can slow down and follow a few of these risk management tips to ensure the safety of your driving school for years to come.
- Audit website security
- Utilize password software
- Train and inform your staff
- Conduct sexual harassment training
- Protect your facility
- Develop a vehicle maintenance plan
- Audit your insurance policy