• Stop being a LURKER - join our dealer community and get involved. Sign up and start a conversation.

Protecting Your Dealership & Customer Database in a Web Based World


Getting Refreshed
Apr 10, 2009
First Name
One of the positives and negatives with web based software is it can be accessed from anywhere. That means your CRM, Inventory, DMS and other databases are potentially accessible from anywhere in the world.

The positive is you can access the software programs from work, home, on vacation, or even on the beach. This is a great advantage to web based systems.

The negative is also the positive in this case. Disgruntled employees can login from home and people can attempt to hack your passwords from a far.

Shouldn't you restrict remote access to just a few computers in your dealership and just a few people who work remotely? Of course the answer is YES!

Web based software can be secured by limiting the IP addresses that are authorized to login to the system. Think of it like using a firewall to guard your web available databases. Authorizing only the IP address of your dealership can ensure nobody is accessing the system from home that shouldn't be. You could then exclude certain key employees and allow them access from anywhere.

I have seen a disgruntled terminated employee log in to the dealer's inventory management system and change the prices listed on all the dealer's inventory to be below their cost. You can imagine how ugly that got.

Check with your solutions providers about securing your dealership with IP address filtering.
Last edited:

Alex Snyder

President Skroob
May 1, 2006
First Name
I like having the option to close a CRM down by IP and allow certain users unlimited access, but I also like the idea of giving everyone unlimited access. It is fun to watch people using the system at midnight and on Sunday mornings - getting in touch with their customers when others aren't. And with unlimited access, I have a report that let's me know where people logged in from. We have all these options in iMagicLab.

However, we pull people out of the CRM before we fire them, so we haven't had any issues with disgruntled employees....yet <knock on wood>

There is no *right* way to do it. But it is nice to see another CRM vendor offering the option.
Apr 28, 2009
First Name
It also doesn't hurt to have a mandatory employee password changing event every now and then.

I would also recommend clearing private data from computers in the dealership on a regular basis and then reminding salespeople that they should not be using the "save password" feature when logging in. They should have to type in their user name and password each time; otherwise it's not a protected system. I would imagine there is probably a way to turn this off in the Firefox and Explorer settings.

Jerry Thibeau
National Sales Trainer
Last edited:
Increase Test Drive Appointments!