Unauthorized Activity Monitoring
All systems usage must be logged. Authorized users’ activity must be recorded and unauthorized use must be detected. The rule doesn't specify how dealerships must accomplish this requirement but one way is to engage a Security Operation Center or SOC to handle the task.
314.4 (c) (8)
detect unauthorized access or use of, or tampering with, customer information by such users.
AgileBlue is built around you: all your data, all the time, against all your threats. We leave no vulnerability unchecked. We detect cyber events in your business-critical applications including system security logs, external attackers or malicious insiders, and unauthorized access or account takeover.