— Craig Barnes, CIO, Dick Smith Automotive
“I really feel like the team at Katalyst has my back. It has been a good partnership from sales to engineering and we love everybody there.”
Dick Smith Automotive is a multi-location dealership group serving communities across the Carolinas. The organization handles sensitive financial data every day as part of the car buying process, including loan applications, credit checks, and personal identity information. With a lean IT team of five employees, CIO Craig Barnes and his staff support everything from networking and infrastructure to security, collaboration, and user support.
When the FTC Safeguards Rule reclassified auto dealerships as financial entities, Dick Smith Automotive faced an urgent requirement to formalize security practices and implement continuous monitoring and reporting. With a small 5-person IT team managing all IT needs, Craig and his team had been making assumptions and taking on risk mainly because they were too busy to fully investigate every potential security issue.
Key challenges included:
Katalyst began with a Security Analysis and Roadmap that provided visibility into vulnerabilities, prioritized remediation, and created a realistic improvement path. Managed security services were established with monthly reporting. Katalyst also implemented a Meraki Enterprise Agreement for simplified licensing and deployed Rubrik for modern backup and disaster recovery.
The partnership has delivered clear operational and security advantages. The internal team maintains control of priorities while Katalyst provides resources, structure, and execution. Craig's team can now address long-term initiatives without the constant worry of day-to-day security issues.
FTC compliance achieved with structured documentation, monitoring, and reporting
FTC compliance achieved with structured documentation, monitoring, and reporting
FTC compliance achieved with structured documentation, monitoring, and reporting
FTC compliance achieved with structured documentation, monitoring, and reporting
FTC compliance achieved with structured documentation, monitoring, and reporting