TSD's Fuel for Thought: Security and Privacy

TSD's Fuel for Thought series brings you the most up-to-date information on our customers’ favorite features to help you optimize your fleet and streamline operations at your locations.

In today’s era of heightened concern over data breaches and security incidents, protecting personally identifiable information (PII) should be the top priority for any SaaS provider. TSD is proud of its long history of providing applications that safeguard your confidential data and protect the sensitive information that your customers share with you. TSD frequently implements new security measures to ensure its compliance with the Payment Card Industry Data Security Standard (PCI DSS), which requires proper handling of all credit card data, including tokens. Let's explore the many ways in which security measures are implemented in TSD applications.

Security Options in TSD DEALER

User Authentication

Passwords for TSD applications must meet strict standards for complexity, decreasing the likelihood that a password may be guessed by unauthorized individuals attempting to access your system.

Unauthorized individuals won’t get far, as each application allows only a limited number of unsuccessful log-in attempts before an account is locked.

But if you do happen to forget your password, just choose your preferred self-service password reset method, available on the log-in page.

Access Permissions

When it comes to employees who are authorized users, the most efficient way to restrict access to various areas of the application is to make sure that each employee is assigned the appropriate role (Low, Medium, or High). In this way, employees are restricted to the menus and functions that are necessary for them to complete their daily tasks.

Privacy Matters

What is personally identifiable information (PII)?

Personally Identifiable Information (PII) is data that can be used to identify an individual. Examples include dates of birth, information from driver’s licenses or other identification documents, contact phone numbers and addresses (including email), and credit card data.

Privacy Screen. To protect sensitive on-screen information when an employee has to step away from a screen momentarily, TSD DEALER offers a privacy screen that shows only a search option and a button to resume the most recent activity. A Screen Timeout setting governs the number of seconds an employee at a location must be idle (that is, without any mouse movement, clicking, or typing) before the privacy screen displays.

Prevention of Credit Card Numbers in Text Fields. To protect customers’ sensitive data and ensure it is properly encrypted, the system prevents employees from saving credit card numbers in text fields, such as Customer Notes.

Redacted PII on Agreement Attachments in Communications. Customer PII, except for first and last name, is masked (redacted) on agreement forms attached to or linked within email or text communications generated from TSD DEALER.

PCI DSS Compliance

To ensure our ongoing compliance with the Payment Card Industry Data Security Standard (PCI DSS), TSD undergoes mandated, regular audits of our security policies and procedures. These audits confirm that our applications support proper processing and storage of all credit card data, including tokens.

Operational Security Practices

Managers and business owners also play a large part in security through the policies they enforce at the counter and throughout the premises.

Prohibit Password Sharing

You can have an unlimited number of employees set up in the system. To maintain accountability, the most important rule is to keep a one-to-one relationship between employees and user names. Shared credentials can mask the identity of an employee, forming a fog of confusion as to who was responsible for an action in the software. They also make your operation vulnerable by potentially leaving a door open for access by terminated employees.

Close the Door!

To prevent your system from exposure to former employees, be sure to deactivate employees upon their departure. Deactivation removes employees from active lists while retaining a record of their past activity in the application for research and reporting purposes.

Call a Timeout!

All TSD systems have a timeout setting to limit the number of idle minutes permitted on a device before an employee must log in again.

Time-Honored Security Measures

When thinking of security, let’s not forget the tried and true methods of securing the physical layer of an operation. Keeping printed agreements in a locked cabinet and storing car keys in a secure location out of the sight of customers are just two of the most basic ways to protect your assets and data against theft.

Consider This...

Capture and store customer signatures digitally. With digital signature capture, you can collect and save digital copies of customer signatures, minimizing the need to store paper forms that could be compromised.

Upload photos of insurance cards. When you upload photos of insurance cards instead of keeping paper photocopies, access to the information is controlled by the application instead of by old-fashioned lock and key.